Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS Iam Policy Document data source call renders PANIC into docs #1354

Open
t0yv0 opened this issue May 1, 2024 · 0 comments
Open

AWS Iam Policy Document data source call renders PANIC into docs #1354

t0yv0 opened this issue May 1, 2024 · 0 comments
Labels
area/codegen kind/bug Some behavior is incorrect or out of spec

Comments

@t0yv0
Copy link
Member

t0yv0 commented May 1, 2024

What happened?

Another AWS example of PANIC in docs.

Example

data "aws_iam_policy_document" "assume_role" {
  effect = "Allow"

  principals {
    type        = "Service"
    identifiers = ["credentials.iot.amazonaws.com"]
  }

  actions = ["sts:AssumeRole"]
}

resource "aws_iam_role" "role" {
  name               = "dynamodb-access-role"
  assume_role_policy = data.aws_iam_policy_document.assume_role.json
}

resource "aws_iot_role_alias" "alias" {
  alias    = "Thermostat-dynamodb-access-role-alias"
  role_arn = aws_iam_role.role.arn
}

to

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iot.RoleAlias;
import com.pulumi.aws.iot.RoleAliasArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .effect("Allow")
            .principals(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
            .actions("sts:AssumeRole")
            .build());

        var role = new Role("role", RoleArgs.builder()        
            .name("dynamodb-access-role")
            .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        var alias = new RoleAlias("alias", RoleAliasArgs.builder()        
            .alias("Thermostat-dynamodb-access-role-alias")
            .roleArn(role.arn())
            .build());

    }
}

Output of pulumi about

N/A

Additional context

N/A

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
@t0yv0 t0yv0 added kind/bug Some behavior is incorrect or out of spec needs-triage Needs attention from the triage team labels May 1, 2024
@t0yv0 t0yv0 mentioned this issue May 1, 2024
Open
@justinvp justinvp added area/codegen and removed needs-triage Needs attention from the triage team labels May 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/codegen kind/bug Some behavior is incorrect or out of spec
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@t0yv0 @justinvp