https://pulumi.com logo
Title
b

brave-angle-33257

08/20/2021, 9:18 PM
Outputs question.. I'm pulling in a stack reference from another stack, and it returns a map of data. usually I would do like this:
var stackref = new pulumi.StackReference('s3stack');
var resource = new <http://aws.XXX|aws.XXX>('resource', {
    bucket: stackref.getOutput('outputs').apply(v=>v['storagebucket']['bucket'])
})
I'm trying to use this with a pulumi.all like this but can't get it working, it always shows up as [object] in the policy I'm trying to create. The deploy bucket is created in another stack, and the artifact bucket is created in this same stack with the build project
let pipeline_role_policy = new aws.iam.Policy(pipeline_role_name, {
    name: pipeline_role_name,
    policy: pulumi
        .all([stackref.getOutput("outputs"), this_stack_pipeline_bucket.arn])
        .apply(([bucketOutputs, artifactBucketArn]) => {
            return {
                Version: "2012-10-17",
                Statement: [
                    {
                        Effect: "Allow",
                        Action: ["s3:*"],
                        Resource: [
                            `${bucketOutputs['deploy']['bucket']}`,
                            `${bucketOutputs['deploy']['bucket']}/*`,
                            `${artifactBucketArn}`,
                            `${artifactBucketArn}/*`,
                        ],
                    },
                ],
            };
        })
        .apply(JSON.stringify),
});
g

great-sunset-355

08/21/2021, 8:51 AM
that's the never-ending problem with outputs instead of
.all
I'd use
Output.fromInput({...policy...}).apply(JSON.stringify)
Then inside
..policy..
unpack each output as required. Also someone pointed me to this https://github.com/udondan/iam-floyd which I did not have a chance to try
b

brave-angle-33257

08/23/2021, 12:23 AM
haven't heard of Output.fromInput I'll check it out, thanks!