This message was deleted.
# awss
sparse-intern-71089
11/28/2022, 4:34 PMThis message was deleted.
b
billowy-army-68599
11/28/2022, 4:42 PM
how did you try doing it with
apply๐ 1
l
lively-needle-84406
11/28/2022, 4:57 PMThanks @billowy-army-68599
I have attempted this again using the
apply Copy code
export const clusterAutoScalingPolicy = new aws.iam.Policy("clusterAutoScalingPolicy", {
policy: pulumi
.all([cluster.core.cluster.name])
.apply(([clusterName]) => {
JSON.stringify({
Version: "2012-10-17",
Statement: [
{
Sid: "VisualEditor0",
Effect: "Allow",
Action: [
"autoscaling:SetDesiredCapacity",
"autoscaling:TerminateInstanceInAutoScalingGroup"
],
Resource: "*",
Condition: {
StringEquals: {
[clusterName]: "owned"
}
}
},
{
Sid: "VisualEditor1",
Effect: "Allow",
Action: [
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeAutoScalingGroups",
"ec2:DescribeLaunchTemplateVersions",
"autoscaling:DescribeTags",
"autoscaling:DescribeLaunchConfigurations"
],
Resource: "*"
}
]
})
})
}, {
dependsOn: [cluster]
});aws.iam.Policystring | PolicyDocumentpulumi.all.applyOutputInstance<void>b
billowy-army-68599
11/28/2022, 5:00 PM
l
lively-needle-84406
11/28/2022, 6:00 PM@billowy-army-68599 After casting, I am getting the following error:
Copy code
error: aws:iam/policy:Policy resource 'clusterAutoScalingPolicy' has a problem: Missing required argument: The argument "policy" is required, but no definition was found.. Examine values at 'Policy.Policy'. Copy code
export const clusterAutoScalingPolicy = new aws.iam.Policy("clusterAutoScalingPolicy", {
policy: pulumi
.all([cluster.core.cluster.name])
.apply(([clusterName]) => {
JSON.stringify({
Version: "2012-10-17",
Statement: [
{
Sid: "VisualEditor0",
Effect: "Allow",
Action: [
"autoscaling:SetDesiredCapacity",
"autoscaling:TerminateInstanceInAutoScalingGroup"
],
Resource: "*",
Condition: {
StringEquals: {
[`aws:ResourceTag/k8s.io/cluster-autoscaler/${clusterName}`]: "owned"
}
}
},
{
Sid: "VisualEditor1",
Effect: "Allow",
Action: [
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeAutoScalingGroups",
"ec2:DescribeLaunchTemplateVersions",
"autoscaling:DescribeTags",
"autoscaling:DescribeLaunchConfigurations"
],
Resource: "*"
}
]
})
}) as unknown as aws.iam.PolicyDocument
}, {
dependsOn: [cluster]
});lively-needle-84406
11/28/2022, 6:01 PMFYI - had to cast the
policy Copy code
Conversion of type 'OutputInstance<void>' to type 'PolicyDocument' may be a mistake because neither type sufficiently overlaps with the other. If this was intentional, convert the expression to 'unknown' first.lively-needle-84406
11/29/2022, 6:43 PM@billowy-army-68599 Bumping this up. Still currently stuck on this with no working resolution ๐
b
billowy-army-68599
11/29/2022, 7:59 PM
Sorry, still on my todo list
๐ 1
l
lively-needle-84406
12/05/2022, 4:12 PM@billowy-army-68599 Following up on this. I could not get this working with any of the above mentioned solutions. I ended up just manually naming the cluster and using that specified cluster name in the string interpolation.
b
billowy-army-68599
12/06/2022, 5:27 PM
@lively-needle-84406 sorry for the delay here, I was at re:invent last week so had limited time to sit down and go through issues.
Hereโs the solution
Copy code
const policyDoc = cluster.core.cluster.name.apply((name) =>
JSON.stringify({
Version: "2012-10-17",
Statement: [
{
Sid: "VisualEditor0",
Effect: "Allow",
Action: [
"autoscaling:SetDesiredCapacity",
"autoscaling:TerminateInstanceInAutoScalingGroup",
],
Resource: "*",
Condition: {
StringEquals: {
[`aws:ResourceTag/k8s.io/cluster-autoscaler/${name}`]: "owned",
},
},
},
{
Sid: "VisualEditor1",
Effect: "Allow",
Action: [
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeAutoScalingGroups",
"ec2:DescribeLaunchTemplateVersions",
"autoscaling:DescribeTags",
"autoscaling:DescribeLaunchConfigurations",
],
Resource: "*",
},
],
})
);
export const clusterAutoScalingPolicy = new aws.iam.Policy(
"clusterAutoScalingPolicy",
{
policy: policyDoc,
}, {
dependsOn: [cluster],
}
);๐ 1
261 Views