I am trying to use a long policy document for AWS in Pulumi that sits on disk.
const policyDocument = new pulumi.asset.FileAsset("./policy.json");
However, when I try to use the variable later like this:
export const jobPolicy = new aws.iam.Policy(`${ jobName }-policy`, {
path: `/${ stage }`,
description: `Policy for ETL job ${ jobName }`,
policy: JSON.stringify(policyDocument)
});
I get the following:
+ policy : "{\"__pulumiAsset\":true,\"path\":{}}"
Is there a way to somehow use a JSON file in Pulumi + TypeScript?
I also tried:
import * as fs from 'fs';
const policyDocument = fs.readFileSync('policy.json', 'utf8');
The result is:
Error: ENOENT: no such file or directory, open 'policy.json'
at Object.openSync (node:fs:585:3)
A pulumi.asset.FileAsset creates new resources, with inputs and outputs. It's generally used to create lambda functions.
The policy parameter takes a standard TypeScript string, so you were on the right lines using fs.readFileSync, but I think you forgot to add the path to the json file. You could probably do:
const policyDocument = fs.readFileSync('./policy.json','utf8');
Notice the ./ there. However, a safer way is to resolve the directory using path. Try something like this
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as fs from 'fs';
import * as path from "node:path";
const policyDocument = fs.readFileSync(path.resolve(__dirname, 'policy.json'), 'utf8');
const jobPolicy = new aws.iam.Policy('file-policy', {
policy: policyDocument
});