https://pulumi.com logo
#python
Title
q

quiet-painter-30539

06/30/2020, 9:21 AM
I'm creating a bucket and a bucket policy using Pulumi / Python. How to get the bucket arn from a bucket resource for creating the bucket policy? If I try to get the bucket arn in the same pulumi up run (i.e. creating the bucket and bucket policy) I get required field is not set. If I try to get the id from the bucket I just get the Output object - how to convert that to string?
f

full-window-21515

06/30/2020, 3:15 PM
Is the
arn
always
arn:aws:s3:::bucket_name
?
The other way might be to “apply” the
arn
similar to this
Copy code
<https://github.com/pulumi/examples/blob/master/aws-py-assume-role/create-role/__main__.py#L41>
s

sparse-state-34229

06/30/2020, 4:19 PM
Copy code
bucket = aws.s3.Bucket("name")
arn = bucket.arn
g

gentle-diamond-70147

06/30/2020, 5:41 PM
You do need to apply the arn if you're building out the entire bucket policy json. Here's an example - https://github.com/pulumi/examples/blob/ec43670866809bfd64d3a39f68451f957d3c1e1d/aws-py-s3-folder/__main__.py#L21-L39.
q

quiet-painter-30539

07/01/2020, 6:41 AM
I found a way to do it yesterday:
Copy code
policy = bucket.id.apply(lambda id:
            '''
            {{
...
               "Resource": "arn:aws:s3:::{my_id}/*"
...
'''.format(my_id=id)...