Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by LinenTitle
t
thousands-train-46386
12/06/2022, 3:29 PMI’m attempting to create an AWS IAM policy and provide the resulting ARN to a Role. Using Go + Pulumi it seems I must write custom code to take the Pulumi output value from one resource so it can be provided as an input to another resource which expects Go native types. The same scenario seems to exist for values I extract with the
ApplyTl
little-soccer-5693
12/06/2022, 6:54 PMusually the outputs will have an Arn() and/or ID() helper functions to facilitate this, and there is also the handy pulumi.Sprintf() when you need to combine output strings into something else. I tend to prefer those where possible, but there are sometimes situations where that's not possible and using Apply() directly is the only way to go.
e.g. here's a code block i have for setting up a lambda permission for api gateway:
permissionArgs := &lambda.PermissionArgs{
Action: pulumi.String("lambda:InvokeFunction"),
Function: lambdaFunc.Arn,
Principal: pulumi.String("<http://apigateway.amazonaws.com|apigateway.amazonaws.com>"),
SourceArn: pulumi.Sprintf("arn:aws:execute-api:%v:%v:%v/*",
region, accountId, apiGw.ID()),
}
_, err = lambda.NewPermission(ctx, "lambda-perm", permissionArgs)
if err != nil {
return err
}f
fierce-ability-58936
12/06/2022, 8:17 PMI think PolicyArns in piam.RoleArgs should expect a
pulumi.StringArrayOutputpulumi.ToStringArray...
PolicyArns: pulumi.ToStringArrayOutput(
[]pulumi.StringOutput{acmeDNS01Policy.Arn}),
}
...t
thousands-train-46386
12/07/2022, 1:51 PM@fierce-ability-58936 Thank you for that advice, that does seem to have helped as I’m no longer getting compile errors. When I attempt to provision the stack though I’m now receiving an error:
error: an unhandled error occurred: waiting for RPCs: rpc error: code = Unknown desc = setting args: copying input "role": expected destination type to implement pulumi.Input or pulumi.Output, got utils.RoleArgs_, err = piam.NewAssumableRoleWithOIDC(ctx, eksID+"-cert-manager", &piam.AssumableRoleWithOIDCArgs{
Role: piam.RolePtr(
&piam.RoleArgs{
Name: pulumi.String(eksID + "-cert-manager"),
PolicyArns: pulumi.ToStringArrayOutput([]pulumi.StringOutput{acmeDNS01Policy.Arn}),
}),
ProviderUrls: pulumi.ToStringArrayOutput([]pulumi.StringOutput{oidcPolicyURL}),
Tags: pulumi.StringMap{
"Owner": pulumi.String(event.User),
"EKS cluster": pulumi.String(eksID),
},
}, pulumi.DependsOn([]pulumi.Resource{eksCluster}))f
fierce-ability-58936
12/07/2022, 7:33 PMCan't test right now but the doc says
Role: iam.RoleArgs{
Name: pulumi.String("oidc-role"),
PolicyArns: pulumi.ToStringArray([]string{"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"}),
},t
thousands-train-46386
12/07/2022, 8:29 PMI added
RolePtr