This message was deleted Pulumi Community #general

Join Slack

This message was deleted.

# general

sparse-intern-71089

09/04/2019, 4:02 PM

This message was deleted.

white-balloon-205

09/04/2019, 4:17 PM

To first approximation, no. And in fact this was one of the key motivations for the design of the CallbackFubction model in aws and awsx. I do recall we once worked with someone who did manage to accomplish this - but it required some “hacks”. I don’t recommend it - but I’ll see if I can dig it up.

white-balloon-205

09/04/2019, 4:21 PM

So if you do:

Copy code

import * as cloudAws from "@pulumi/cloud-aws"

cloudAws.setComputeIAMRolePolicies(policyArns);

Then you should see any lambdas created after that will use a Role created with those policy arns attached. This is pretty limited, and requires you make this call before any Lambdas are created by

@pulumi/cloud

- but may let you work around this.

billowy-laptop-45963

09/04/2019, 4:33 PM

thanks, so your recommendation is to use aws directly I guess? This is the route I'm going down anyways...

white-balloon-205

09/04/2019, 4:38 PM

There are two options: 1. If you really want to use

cloud

but need to customize Roles (an AWS specific concept), then you can load up

@pulumi/cloud-aws

and make the call above, but still use all the rest of the APIs from

@pulumi/cloud

. 2. If you are on AWS only, you will likely find things more flexible working with

@pulumi/aws

and

@pulumi/awsx

- which offer many of the same capabilities - but in an AWS specific form that gives you access to every knob you may need.

Open in Slack

Previous Next