fierce-machine-2178911/14/2019, 8:53 PM
that exactly mirrors those AWS examples, including specifying the appropriate `Principal`s, the output I get upon running
error: Plan apply failed: Error creating IAM policy policy-abcd123: MalformedPolicyDocument: Policy document should not specify a principal.
on the CMK resource, and that fixed the Principals issue. However now I'm running into that common issue where I need to go from
-> string (stringified JSON, in this case) since I want to reference the `User.arn`s managed by Pulumi in the PolicyDocument I'm attaching to the CMK
, but then everything that references that PolicyDocument also seems to have to exist within the asynchronous context of that
, which is very unfortunate