In order to get around not being able to pass the ...
# general
In order to get around not being able to pass the lambda role into pulumi/cloud cron(), is it possible, within the same program, to create it and then set the config value for computeIAMRolePolicyARNs which is used later on by pulumi/cloud? My gut says no...
To first approximation, no. And in fact this was one of the key motivations for the design of the CallbackFubction model in aws and awsx. I do recall we once worked with someone who did manage to accomplish this - but it required some “hacks”. I don’t recommend it - but I’ll see if I can dig it up.
So if you do:
Copy code
import * as cloudAws from "@pulumi/cloud-aws"

Then you should see any lambdas created after that will use a Role created with those policy arns attached. This is pretty limited, and requires you make this call before any Lambdas are created by
- but may let you work around this.
thanks, so your recommendation is to use aws directly I guess? This is the route I'm going down anyways...
There are two options: 1. If you really want to use
but need to customize Roles (an AWS specific concept), then you can load up
and make the call above, but still use all the rest of the APIs from
. 2. If you are on AWS only, you will likely find things more flexible working with
- which offer many of the same capabilities - but in an AWS specific form that gives you access to every knob you may need.