This message was deleted Pulumi Community #typescript

Join Slack

This message was deleted.

# typescript

sparse-intern-71089

02/01/2023, 4:18 PM

This message was deleted.

Untitled.py

great-sunset-355

02/01/2023, 4:25 PM

Isn't

assume_role_policy=pulumi.Output.json_dumps()

good enough?

Output.json_dumps()

should be able to unwrap outputs for you. in Typescript

assume_role_policy

can now accept object directly (most of the time) and when it cannot, you can use `pulumi.interpolate`JSON.stringiy(obj)`

pulumi.interpolate

is somewhat python equivalent of

pulumi.Output.format

so in TS it would look like this:

Copy code

assumeRolePolicy={...props..}

// or

assumeRolePolicy=pulumi.interpolate`JSON.stringify({...props...}`

bland-pharmacist-96854

02/01/2023, 4:28 PM

what about oidc_provider_url? that is a key

bland-pharmacist-96854

02/01/2023, 4:29 PM

in python I'm using f to concatenate it and create the key

bland-pharmacist-96854

02/01/2023, 4:30 PM

does output.json_dumps() exist in typescript?

great-sunset-355

02/01/2023, 4:31 PM

this is exactly it

Copy code

pulumi.interpolate`JSON.stringify({...props...}`

bland-pharmacist-96854

02/01/2023, 4:32 PM

so, how I know when i need to use interpolate or I can writ the props directly?

echoing-dinner-19531

02/01/2023, 4:35 PM

That f'' string needs the apply. But I'd write it as the following for python:

Copy code

assume_role_policy=pulumi.Output.json_dumps(
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": "sts:AssumeRoleWithWebIdentity",
                "Principal": {"Federated": eks_cluster.core.oidc_provider.arn},
                "Condition": {
                    "StringEquals": {
                        pulumi.Output.format("{0}:aud", eks_cluster.core.oidc_provider.url): ["<http://sts.amazonaws.com|sts.amazonaws.com>"]
                    }
                },
            }
        ],
    }
)

echoing-dinner-19531

02/01/2023, 4:35 PM

I'm not sure typescript supports Output keys, so you probably need the apply for TS

echoing-dinner-19531

02/01/2023, 4:36 PM

Copy code

assume_role_policy=eks_cluster.core.oidc_provider.url.apply(url => 
    pulumi.jsonStringify(
        {
            "Version": "2012-10-17",
            "Statement": [
                {
                    "Effect": "Allow",
                    "Action": "sts:AssumeRoleWithWebIdentity",
                    "Principal": {"Federated": eks_cluster.core.oidc_provider.arn},
                    "Condition": {
                        "StringEquals": {
                            [url + ":aud"]: ["<http://sts.amazonaws.com|sts.amazonaws.com>"]
                        }
                    },
                }
            ],
        }
    )
)

bland-pharmacist-96854

02/01/2023, 4:36 PM

no no, I mean, the code in Python is working, I'm trying to translate it to typescript

great-sunset-355

02/01/2023, 4:36 PM

just try it and run

pulumi preview

you'll see the policy result it depends on the what type is accepted by the input for example

aws.iamRole

accepts

Copy code

assumeRolePolicy: pulumi.Input<string | aws.iam.PolicyDocument

I'd do this in TS

Copy code

{
                "Version": "2012-10-17",
                "Statement": [
                    {
                        "Effect": "Allow",
                        "Action": "sts:AssumeRoleWithWebIdentity",
                        "Principal": {"Federated": eks_cluster.core.oidc_provider.arn},
                        "Condition": {
                            "StringEquals": {pulumi.interpolate`${eks_cluster.core.oidc_provider.url}:aud`: ["<http://sts.amazonaws.com|sts.amazonaws.com>"]}
                        },
                    }
                ],
            }

bland-pharmacist-96854

02/01/2023, 4:36 PM

I understand that this means that I need to use interpolate, right?

great-sunset-355

02/01/2023, 4:38 PM

this means that you are referencing something which does not exist

bland-pharmacist-96854

02/01/2023, 4:47 PM

and this? 😂 does this mean that I need interpolate?

echoing-dinner-19531

02/01/2023, 4:51 PM

no again that's because it might be undefined and that property doesn't expect undefined

bland-pharmacist-96854

02/01/2023, 4:52 PM

but that property exists

echoing-dinner-19531

02/01/2023, 4:52 PM

That

.?

can cause the whole expression to be

undefined

bland-pharmacist-96854

02/01/2023, 4:54 PM

why that property is marked with that

echoing-dinner-19531

02/01/2023, 4:54 PM

Because it's optional and might be undefined

echoing-dinner-19531

02/01/2023, 4:55 PM

If your sure it's not you can tell tsc to ignore that by putting a

at the end of the expression

bland-pharmacist-96854

02/01/2023, 4:56 PM

yes, It will not be empty because I set to true the

createOidcProvider

in the cluster

bland-pharmacist-96854

02/01/2023, 4:57 PM

perfect it works that part with

, now lets go with interpolate... 🤔

bland-pharmacist-96854

02/01/2023, 5:03 PM

the issue with pulumi.interpolate is that I need to use it in a dict key and it is not accepted I think, dict keys can only be strings 😕

echoing-dinner-19531

02/01/2023, 5:04 PM

yeh I want to play with that at some point, but I think TS needs to do the apply here so you can have a string key

bland-pharmacist-96854

02/01/2023, 5:05 PM

then I should put the entire policy inside of an apply like in python right?

echoing-dinner-19531

02/01/2023, 5:05 PM

Yup, although python does support Output keys in dicts so you could not use an apply there! Probably best to just try to keep the two as similar as possible though

bland-pharmacist-96854

02/01/2023, 5:07 PM

Sorry for not following you at all... what I have now is this and I'm trying to set the oidcProviderUrl fat line 13 key, it should be a variable or a concatenated string, what do you mean by keeping the two as similar as possible?

Untitled.ts

echoing-dinner-19531

02/01/2023, 5:09 PM

Use an apply, just like you did in Python

bland-pharmacist-96854

02/01/2023, 5:10 PM

ok, let me try, but do you mean that this is also the common way to do it in typescript? I don't need to have similar codes between python and typescript, I want to know the ts way

echoing-dinner-19531

02/01/2023, 5:10 PM

I think in typescript you have to use an apply In python you can use an apply OR an output as a key Given you're working in both langauges I'd just do the apply in both

bland-pharmacist-96854

02/01/2023, 5:15 PM

Nice, this is working, any suggestion to simplify it or it is already ok?

Untitled.ts

echoing-dinner-19531

02/01/2023, 5:15 PM

looks fine to me

bland-pharmacist-96854

02/01/2023, 5:16 PM

I mean, I'm directly using output in the line 10 and using the apply method in line 13, is there any way to homogenize this? Myabe using .all?

echoing-dinner-19531

02/01/2023, 5:17 PM

you could but it's not needed

echoing-dinner-19531

02/01/2023, 5:18 PM

If it's bothering you I think this would also work:

Copy code

const eksAutoscalerRole = new aws.iam.Role("AmazonEKSClusterAutoscalerRole", {
    name: "AmazonEKSClusterAutoscalerRole",
    assumeRolePolicy: pulumi.jsonStringify({
        Version: "2012-10-17",
        Statement: [
          {
            Effect: "Allow",
            Action: "sts:AssumeRoleWithWebIdentity",
            Principal: { Federated: eksCluster.core.oidcProvider?.arn! },
            Condition: {
              StringEquals: eksCluster.core.oidcProvider!.url.apply(oidcProviderUrl => {
                return { [oidcProviderUrl + ":aud"]: ["<http://sts.amazonaws.com|sts.amazonaws.com>"] }
              }),
            },
          },
        ],
      }),
  });

bland-pharmacist-96854

02/01/2023, 5:19 PM

just trying to have the code as clean as possible 😅 , let me try

bland-pharmacist-96854

02/01/2023, 5:26 PM

Working like a charm! Also removed

pulumi.jsonStringify

Untitled.ts

bland-pharmacist-96854

02/01/2023, 5:27 PM

thank you very much, now I understand better typescript and pulumi!! 😊😊😊😊😊

🙌 1

Open in Slack

Previous Next