I'm trying to create access keys, write a few fields into a new JSON object and convert it to ciphertext, then save it to S3 as a new file. Before this code I create a KMS key (myKms), and IAM user (iamUser) and have an S3 bucket object defined (myS3Bucket). If 

userIamAccessKeys.id

 or 

userIamAccessKeys.secret

 is the only 

content

 on the BucketObject, it writes successfully. If  

encryptedKeys

 ciphertext is the 

content

, the text written is 

[object Object]

. I can't seem to use 

toJSON

 or 

toString

 or 

.apply

 to build the ciphertext. How do I pull out some details from the 

AccessKey

, convert it to 

Ciphertext

 and insert it into the 

BucketObject

 

content

?

const userIamAccessKeys = new aws.iam.AccessKey(
    "iam-access-key",
    { user: iamUser.name, },
    { dependsOn: iamUser }
);

const encryptedKeys = new aws.kms.Ciphertext(
    "user-encrypted-keys",
    {
        keyId: myKms.keyId,
        plaintext: `{
          "access_key": ${userIamAccessKeys.id},
          "secret_key": ${userIamAccessKeys.secret}
        }
        `
    },
    { dependsOn: userIamAccessKeys }
);

// Store the already encrypted access keys in S3
const accessKeysInS3 = new aws.s3.BucketObject(
    "access-keys-in-s3",
    {
        bucket: myS3Bucket.apply(bucket => bucket.id),
        content: encryptedKeys.toString(),
        key: "accesskeys.json.enc"
    },
    { dependsOn: [userIamAccessKeys, encryptedKeys] }
);

Hi @salmon-ghost-86211, I answered on your other message at https://pulumi-community.slack.com/archives/CRH5ENVDX/p1594823238424000.