I'm running into some trouble with the AWS-Native ...
# general
I'm running into some trouble with the AWS-Native package in golang, I need an AWS Role so I copied the example here: https://www.pulumi.com/registry/packages/aws-native/api-docs/iam/role/#example-2 thusly
Copy code
eksRole, err := iam.NewRole(ctx, "eksRole", &iam.RoleArgs{
                        AssumeRolePolicyDocument: pulumi.Any{
                                Version: "2012-10-17",
                                Statement: []map[string]interface{}{
                                                "effect": "Allow",
                                                "principal": map[string]interface{}{
                                                        "service": []string{
                                                "action": []string{
                        Path: pulumi.String("/"),
                        ManagedPolicyArns: pulumi.StringArray{
                if err != nil {
                        return err
But when I try and run that I get the following errors.
Copy code
  pulumi:pulumi:Stack (EKS-EKS-test):
    # EKS
    ./main.go:77:30: pulumi.Any is not a type
    ./main.go:77:30: invalid composite literal type func(interface {}) pulumi.AnyOutput
    error: an unhandled error occurred: program exited with non-zero exit code: 2
I have spent some time checking I copied the example well enough and I can't find any syntax errors, also when I copy the code from the example verbatim into my main.go and try to run it I get similar errors. Did something change about pulumi.Any? Is there an error in the example? Please help!
Have you imported the Pulumi package and aliased it as "pulumi"?
yes, I assume having
import { "<http://github.com/pulumi/pulumi/sdk/v3/go/pulumi|github.com/pulumi/pulumi/sdk/v3/go/pulumi>" }
at the top achieves that. I also expect the pulumi.String and pulumi.StringArray I used elsewhere would also fail if I hadn't.
Yep true.
I don't see that syntax in any of the other examples. Most use JSON marshalling, but this is one that I prefer the look of: https://github.com/pulumi/examples/blob/5b1b42e6bd2da3461e36630965f343e365ea5ff3/aws-go-slackbot/main.go#L46
All those
bits might be fine for golangians, but it's hard to read for the rest of us. This style seems more grokable.
That looks to be using the pulumi-aws provider and not the pulumi-aws-native one which I was trying to use out of preference
No argument on the grokablity mind
Shouldn't matter. In the API call, it's just JSON.
Try the
approach, see if it fixes the problem?
Thanks, I'll give it a try
The rest shouldn't need to change, just the argument to AssumeRolePolicyDocument
approach is probably relying on auto-conversion of objects to JSON under the Pulumi hood anyway.
is just making it a bit more explicit.
Yup that works fine.
using the pulumi.String
Thanks 😄
👍 1
So it seems I was wrong yesterday and this doesn't work. It compiles ok, but then when I try to apply it I get an error like:
Copy code
aws-native:iam:Role (eksRole):
    error: resource partially created but read failed. read error: reading resource state: operation error CloudControl: GetResource, https response error StatusCode: 400, RequestID: 37537079-4292-4a5b-a9f0-ff4d2da08801, ResourceNotFoundException: AWS::IAM::Role Handler returned status FAILED: The role with name eksRole-e2fc0f1 cannot be found. (Service: Iam, Status Code: 404, Request ID: e396cf09-f627-420f-8a5b-ebee365e73a1, Extended Request ID: null) (HandlerErrorCode: NotFound, RequestToken: e64d8096-1398-47b4-a8e4-c636b98ae8a2), create error: operation CREATE failed with "InvalidRequest": This policy contains invalid Json (Service: Iam, Status Code: 400, Request ID: ecf8171b-1d3f-4805-b714-3bd259667535, Extended Request ID: null)
and when I look at the details I see the JSON is like
Copy code
+ aws-native:iam:Role: (create)
        assumeRolePolicyDocument: "{ \"Version\": \"2012-10-17\", \"Statement\": [{ \"Effect\": \"Allow\", \"Principal\": { \"Service\": \"<http://eks.amazonaws.com|eks.amazonaws.com>\", }, \"Action\": \"sts:AssumeRole\", }] }"
        managedPolicyArns       : [
So a bunch of \s I don't need or want. Which is I guess what the pulumi.Any{} was about.
But there is no pulumi.Any{} only a pulumi.Any() so I don't understand why the example in the docs https://www.pulumi.com/registry/packages/aws-native/api-docs/iam/role/#example-2 is wrong
I solved this by using the encoding/json package to encode the json blob which makes the role: I cribbed the code from here https://www.pulumi.com/registry/packages/aws/api-docs/iam/role/#basic-example but I am using the AWS native role pakage.