sparse-intern-71089
11/14/2019, 8:53 PMfierce-machine-21789
11/14/2019, 8:55 PMfierce-machine-21789
11/14/2019, 8:58 PMPolicyDocument
that exactly mirrors those AWS examples, including specifying the appropriate `Principal`s, the output I get upon running pulumi up
is
error: Plan apply failed: Error creating IAM policy policy-abcd123: MalformedPolicyDocument: Policy document should not specify a principal.
fierce-machine-21789
11/14/2019, 8:58 PMwhite-balloon-205
fierce-machine-21789
11/14/2019, 11:13 PMPolicyDocument
-> Policy
-> Policy.policy
on the CMK resource, and that fixed the Principals issue. However now I'm running into that common issue where I need to go from Output<T>
-> string (stringified JSON, in this case) since I want to reference the `User.arn`s managed by Pulumi in the PolicyDocument I'm attaching to the CMKfierce-machine-21789
11/14/2019, 11:14 PM.apply()
, but then everything that references that PolicyDocument also seems to have to exist within the asynchronous context of that .apply()
, which is very unfortunate