diff --git a/aws-js-s3-folder/index.js b/aws-js-s3-folder/index.js index fda95af94..43f3e0d56 100644 --- a/aws-js-s3-folder/index.js +++ b/aws-js-s3-folder/index.js @@ -16,7 +16,7 @@ let siteDir = "www"; // directory for content files // For each file in the directory, create an S3 object stored in `siteBucket` for (let item of require("fs").readdirSync(siteDir)) { let filePath = require("path").join(siteDir, item); - let object = new aws.s3.BucketObject(item, { + let object = new aws.s3.BucketObject(item, { bucket: siteBucket, // reference the s3.Bucket object source: new pulumi.asset.FileAsset(filePath), // use FileAsset to point to a file contentType: mime.getType(filePath) || undefined, // set the MIME type of the file @@ -25,7 +25,7 @@ for (let item of require("fs").readdirSync(siteDir)) { // Create an S3 Bucket Policy to allow public read of all objects in bucket function publicReadPolicyForBucket(bucketName) { - return JSON.stringify({ + return { Version: "2012-10-17", Statement: [{ Effect: "Allow", @@ -37,7 +37,7 @@ function publicReadPolicyForBucket(bucketName) { `arn:aws:s3:::${bucketName}/*` // policy refers to bucket name explicitly ] }] - }) + }; } // Set the access policy for the bucket so all objects are readable @@ -48,4 +48,4 @@ let bucketPolicy = new aws.s3.BucketPolicy("bucketPolicy", { // Stack exports exports.bucketName = siteBucket.bucket; -exports.websiteUrl = siteBucket.websiteEndpoint; +exports.websiteUrl = siteBucket.websiteEndpoint; diff --git a/aws-ts-resources/index.ts b/aws-ts-resources/index.ts index ab31a9491..da164e781 100644 --- a/aws-ts-resources/index.ts +++ b/aws-ts-resources/index.ts @@ -188,42 +188,32 @@ const cluster = new aws.ecs.Cluster("mycluster"); // IAM const role = new aws.iam.Role("myrole", { - assumeRolePolicy: JSON.stringify({ - Version: "2012-10-17", - Statement: [{ - Action: "sts:AssumeRole", - Principal: { - Service: "ec2.amazonaws.com" - }, - Effect: "Allow", - Sid: "" - }] - }) + assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal({ Service: "ec2.amazonaws.com" }), }); const rolePolicy = new aws.iam.RolePolicy("myrolepolicy", { role: role.id, - policy: JSON.stringify({ + policy: { Version: "2012-10-17", Statement: [{ Action: [ "ec2:Describe*" ], Effect: "Allow", - Resource: "*" - }] - }) + Resource: "*", + }], + }, }); const policy = new aws.iam.Policy("mypolicy", { - policy: JSON.stringify({ + policy: { Version: "2012-10-17", Statement: [{ Action: [ "ec2:Describe*" ], Effect: "Allow", - Resource: "*" - }] - }) + Resource: "*", + }], + }, }); const rolePolicyAttachment = new aws.iam.RolePolicyAttachment("myrolepolicyattachment", { @@ -269,7 +259,7 @@ const stream = new aws.kinesis.Stream("mystream", { // }) // function publicReadPolicyForBucket(bucketName: string) { -// return JSON.stringify({ +// return { // Version: "2012-10-17", // Statement: [{ // Effect: "Allow", @@ -281,7 +271,7 @@ const stream = new aws.kinesis.Stream("mystream", { // `arn:aws:s3:::${bucketName}/*` // policy refers to bucket name explicitly // ] // }] -// }); +// }; // } // SQS diff --git a/aws-ts-stepfunctions/index.ts b/aws-ts-stepfunctions/index.ts index 36a45f850..50019e830 100644 --- a/aws-ts-stepfunctions/index.ts +++ b/aws-ts-stepfunctions/index.ts @@ -4,66 +4,41 @@ import * as pulumi from "@pulumi/pulumi"; const region = aws.config.requireRegion(); const lambdaRole = new aws.iam.Role("lambdaRole", { - assumeRolePolicy: JSON.stringify({ - "Version": "2012-10-17", - "Statement": [ - { - "Action": "sts:AssumeRole", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - "Effect": "Allow", - "Sid": "", - }, - ], - }) + assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal({ Service: "lambda.amazonaws.com" }), }); const lambdaRolePolicy = new aws.iam.RolePolicy("lambdaRolePolicy", { role: lambdaRole.id, - policy: JSON.stringify({ - "Version": "2012-10-17", - "Statement": [{ - "Effect": "Allow", - "Action": [ + policy: { + Version: "2012-10-17", + Statement: [{ + Effect: "Allow", + Action: [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], - "Resource": "arn:aws:logs:*:*:*" - }] - }) + Resource: "arn:aws:logs:*:*:*", + }], + }, }); const sfnRole = new aws.iam.Role("sfnRole", { - assumeRolePolicy: JSON.stringify({ - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "Service": `states.${region}.amazonaws.com` - }, - "Action": "sts:AssumeRole" - } - ] - }) + assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal({ Service: `states.${region}.amazonaws.com` }), }); const sfnRolePolicy = new aws.iam.RolePolicy("sfnRolePolicy", { role: sfnRole.id, - policy: JSON.stringify({ - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "lambda:InvokeFunction" - ], - "Resource": "*" - } - ] - }) + policy: { + Version: "2012-10-17", + Statement: [{ + Effect: "Allow", + Action: [ + "lambda:InvokeFunction", + ], + Resource: "*", + }], + }, }); const helloFunction = new aws.serverless.Function(