https://pulumi.com logo
#general
Title
# general
b

brave-angle-33257

08/20/2021, 9:18 PM
Outputs question.. I'm pulling in a stack reference from another stack, and it returns a map of data. usually I would do like this:
Copy code
var stackref = new pulumi.StackReference('s3stack');
var resource = new <http://aws.XXX|aws.XXX>('resource', {
    bucket: stackref.getOutput('outputs').apply(v=>v['storagebucket']['bucket'])
})
I'm trying to use this with a pulumi.all like this but can't get it working, it always shows up as [object] in the policy I'm trying to create. The deploy bucket is created in another stack, and the artifact bucket is created in this same stack with the build project
Copy code
let pipeline_role_policy = new aws.iam.Policy(pipeline_role_name, {
    name: pipeline_role_name,
    policy: pulumi
        .all([stackref.getOutput("outputs"), this_stack_pipeline_bucket.arn])
        .apply(([bucketOutputs, artifactBucketArn]) => {
            return {
                Version: "2012-10-17",
                Statement: [
                    {
                        Effect: "Allow",
                        Action: ["s3:*"],
                        Resource: [
                            `${bucketOutputs['deploy']['bucket']}`,
                            `${bucketOutputs['deploy']['bucket']}/*`,
                            `${artifactBucketArn}`,
                            `${artifactBucketArn}/*`,
                        ],
                    },
                ],
            };
        })
        .apply(JSON.stringify),
});
g

great-sunset-355

08/21/2021, 8:51 AM
that's the never-ending problem with outputs instead of
.all
I'd use
Output.fromInput({...policy...}).apply(JSON.stringify)
Then inside
..policy..
unpack each output as required. Also someone pointed me to this https://github.com/udondan/iam-floyd which I did not have a chance to try
b

brave-angle-33257

08/23/2021, 12:23 AM
haven't heard of Output.fromInput I'll check it out, thanks!
7 Views