https://pulumi.com logo
#typescript
Title
# typescript
s

salmon-ghost-86211

07/15/2020, 2:52 PM
I'm trying to create access keys, write a few fields into a new JSON object and convert it to ciphertext, then save it to S3 as a new file. Before this code I create a KMS key (myKms), and IAM user (iamUser) and have an S3 bucket object defined (myS3Bucket). If 
userIamAccessKeys.id
 or 
userIamAccessKeys.secret
 is the only 
content
 on the BucketObject, it writes successfully. If  
encryptedKeys
 ciphertext is the 
content
, the text written is 
[object Object]
. I can't seem to use 
toJSON
 or 
toString
 or 
.apply
 to build the ciphertext. How do I pull out some details from the 
AccessKey
, convert it to 
Ciphertext
 and insert it into the 
BucketObject
 
content
?
Copy code
const userIamAccessKeys = new aws.iam.AccessKey(
    "iam-access-key",
    { user: iamUser.name, },
    { dependsOn: iamUser }
);

const encryptedKeys = new aws.kms.Ciphertext(
    "user-encrypted-keys",
    {
        keyId: myKms.keyId,
        plaintext: `{
          "access_key": ${userIamAccessKeys.id},
          "secret_key": ${userIamAccessKeys.secret}
        }
        `
    },
    { dependsOn: userIamAccessKeys }
);

// Store the already encrypted access keys in S3
const accessKeysInS3 = new aws.s3.BucketObject(
    "access-keys-in-s3",
    {
        bucket: myS3Bucket.apply(bucket => bucket.id),
        content: encryptedKeys.toString(),
        key: "accesskeys.json.enc"
    },
    { dependsOn: [userIamAccessKeys, encryptedKeys] }
);
g

gentle-diamond-70147

07/15/2020, 3:39 PM
Hi @salmon-ghost-86211, I answered on your other message at https://pulumi-community.slack.com/archives/CRH5ENVDX/p1594823238424000.