What would be the best way to have a function that can creat Pulumi Community #typescript

What would be the best way to have a function that...

able-hair-32695

12/17/2021, 6:43 PM

What would be the best way to have a function that can create AWS policy Documents and return them, while consuming outputs? I have the below code, but can’t figure out how to extract the strings from the outputs. Everything I’ve read seems to indicate that apply, all, etc still return an output rather than just a string

Copy code

export function generateGithubOIDCAssumeRolePolicy(params: {
    githubOwner: Input<string>;
    repositoryName: Input<string>;
    oidcProviderArn: Input<string>;
}): Promise<GetPolicyDocumentResult> {
    return getPolicyDocument({
        statements: [
            {
                actions: ['sts:AssumeRoleWithWebIdentity'],
                conditions: [
                    {
                        test: 'StringLike',
                        values: [`repo:${params.githubOwner}/${params.repositoryName}:*`],
                        variable: '<http://token.actions.githubusercontent.com:sub|token.actions.githubusercontent.com:sub>',
                    },
                ],
                principals: [
                    {
                        identifiers: [params.oidcProviderArn],
                        type: 'Federated',
                    },
                ],
            },
        ],
    });
}

able-hair-32695

12/17/2021, 6:44 PM

The condition values, and principal identifiers in this case are the ones causing issues

billowy-army-68599

12/17/2021, 6:45 PM

yeah if you're passing an input, because the statement is a string, you need an apply. https://github.com/jaxxstorm/pulumi-examples/blob/2519023cd4f22acd564783f6f4445a44dd82df65/typescript/aws/eks-platform/alb-ingress-controller/index.ts#L19-L38

Open in Slack

Previous Next