https://pulumi.com logo
Powered by
#python
Title
p

polite-iron-99873

03/11/2020, 2:39 PM
Anyone know how to create an iam.RolePolicy that includes an Output from another resource? The following fails because vpc.id is an 'output', and policy requires a 'str'
Copy code
policy=
        {
            "Version": "2012-10-17",
            "Statement": [{
                "Action": [
                    "logs:PutLogEvents",
                    "logs:CreateLogStream",
                    "logs:DescribeLogGroups",
                    "logs:DescribeLogStreams"
                ],
                "Effect": "Allow",
                "Resource": 'arn:aws:logs:us-east-1:xxxxxxxxx:log-group:/aws/vpc/' + vpc.id + '/flows/*'
            }]
        })
This problem is actually more broad in that you cannot concatenate a string with an output at all. The following will fail as well.
Copy code
logGroupName = '/aws/vpc/' + vpc.id + '/flows/reject'
n

nutritious-shampoo-16116

03/11/2020, 2:54 PM
which error it throws?
p

polite-iron-99873

03/11/2020, 2:58 PM
Copy code
logGroupName = '/aws/vpc/' + vpc.id + '/flows/reject'
    TypeError: must be str, not Output
    error: an unhandled error occurred: Program exited with non-zero exit code: 1
n

nutritious-shampoo-16116

03/11/2020, 3:28 PM
did you try
Copy code
Output.concat('/aws/vpc/', vpc.id, '/flows/rehect')
p

polite-iron-99873

03/11/2020, 4:03 PM
That did the trick. Thank you very much!
n

nutritious-shampoo-16116

03/12/2020, 1:02 PM
👌
Powered by