chore(pulumi/snippets): postgres roles for rds

snippets/pulumi/aws/add roles to rds instances.ts

@@ -0,0 +1,25 @@
+import * as aws from "@pulumi/aws";
+import * as postgresql from "@pulumi/postgresql";
+import * as pulumi from "@pulumi/pulumi";
+
+const config = new pulumi.Config();
+const rdsInstance_output = aws.rds.getInstanceOutput({dbInstanceIdentifier: "pikachu-zambia-staging"});
+
+const rdsInstance_postgresqlProvider = new postgresql.Provider(
+    "rdsInstance", {
+        host: rdsInstance_output.address,
+        port: rdsInstance_output.port,
+        databaseUsername: rdsInstance_output.masterUsername,
+        database: rdsInstance_output.dbName,
+        password: config.requireSecret("rdsInstance_masterPassword"),
+    },
+);
+
+const engineering_postgresqlRole = new postgresql.Role(
+    "engineering",
+    {
+        name: "engineering",
+        inherit: true,  // required as it will be used by human users
+    },
+    { provider: rdsInstance_postgresqlProvider },
+);

snippets/pulumi/aws/run commands after instance creation.ts

@@ -9,22 +9,24 @@
 import * as aws from "@pulumi/aws";
 import * as command from "@pulumi/command";
 
-const instance = new aws.ec2.Instance(
-    "instance",
-    { … }
-);
+const instance_output = new aws.ec2.getInstanceOutput({
+    filters: [{
+        name: "tag:Name",
+        values: [ "instance-name-tag" ],
+    }],
+});
 
 command.local.Command(
     "notify",
     { create: "say 'instance created'" }
 );
 
-instance.privateDns.apply(hostIpAddress => new command.local.Command(
+instance_output.privateDns.apply(hostIpAddress => new command.local.Command(
     "ansiblePlaybook-ssh",
     { create: `ansible-playbook -i '${hostIpAddress},' -D 'playbook.yaml'` },
 ));
 
-instance.id.apply(instanceId => new command.local.Command(
+instance_output.id.apply(instanceId => new command.local.Command(
     "ansiblePlaybook-awsSsm",
     {
         create: `