Thread
#getting-started
    i

    icy-controller-6092

    5 months ago
    Is there an API for generating IAM policies? e.g. I have a
    aws.s3.Bucket
    and I want to be able to call
    PutObject
    from a
    aws.lambda.Function
    - is there some kind of helper function where I can pass that in and get back a
    aws.iam.Policy
    ?
    l

    little-cartoon-10569

    5 months ago
    Are you using typescript/javascript? There's a helper type, aws.iam.PolicyDocument, that essentially achieves this.
    i

    icy-controller-6092

    5 months ago
    this is great, thanks 🙂 I was searching for “pulumi iam generator” and couldn’t find anything, but adding policy returns the
    getPolicyDocument
    helper. thanks again !
    l

    little-cartoon-10569

    5 months ago
    getPolicyDocument is good, but it's the older API. Simply creating a JS object with the aws.iam.PolicyDocument fields works a charm. You can assign it directly to most policy document fields.
    Not quite all, unfortunately (policy documents existing all over the place), but all the most common uses, anyway.
    Here's an example from my code base
    l

    limited-rainbow-51650

    5 months ago
    @icy-controller-6092 if you are using JS/TS, you can use this third-party library a friend of mine created: https://www.npmjs.com/package/@thinkinglabs/aws-iam-policy