This message was deleted.
# pythons
sparse-intern-71089
06/24/2022, 10:03 PMThis message was deleted.
b
billowy-army-68599
06/24/2022, 10:05 PM
Any reasons you're not using json.dumps?
billowy-army-68599
06/24/2022, 10:05 PM
Also, you don't appear to have used an apply, that's gonna cause issues
f
future-france-34957
06/24/2022, 10:06 PMI am using
json.dumps(POLICY)b
billowy-army-68599
06/24/2022, 10:06 PM
There are examples in github.com/pulumi/examples
billowy-army-68599
06/24/2022, 10:06 PM
Yeah but you're building with an f string rather than an object
f
future-france-34957
06/24/2022, 10:08 PMIf I do
Copy code
# Custom API-Tasks ECS Role Policy
self.api_tasks_ecs_permissions = iam.RolePolicy(
resource_name="api-tasks-ecs-permissions",
role=self.api_tasks_ecs_role.id,
policy=json.dumps({
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ssm:GetParameters"
],
"Resource": [
f"arn:aws:ssm:{aws_region}:{aws_account}:parameter/{env_stack}.api.config-location-s3"
],
"Effect": "Allow"
}
]
})
) Copy code
Error putting IAM role policy api-tasks-ecs-permissions-e425b0b: MalformedPolicyDocument: The policy failed legacy parsingfuture-france-34957
06/24/2022, 10:15 PMI don’t see an example of using dynamic resources in an IAM Policy in http://github.com/pulumi/examples, I just checked all the python examples
future-france-34957
06/24/2022, 10:32 PM Copy code
POLICY = {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ssm:GetParameters"
],
"Resource": [
"arn:aws:ssm:" + aws_region + ":" + aws_account +
":parameter/" + env_stack + ".api.config-location-s3"
],
"Effect": "Allow"
}
]
}
# Custom API-Tasks ECS Role Policy
self.api_tasks_ecs_permissions = iam.RolePolicy(
resource_name="api-tasks-ecs-permissions",
role=self.api_tasks_ecs_role.id,
policy=json.dumps(POLICY)
) Copy code
TypeError: can only concatenate str (not "AwaitableGetRegionResult") to strfuture-france-34957
06/24/2022, 10:36 PMohh….
aws_region = aws.get_region().name54 Views