No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

<@UGY2Z440N> this is a trick part of the API, you want `cluster.instanceRole.apply(ir =&gt; JSON.stringify(...))`

that field is really supposed to be a string, but we’ve added some nice sugar to make it a JSON object — the downside is that you can’t use `Input` in there.

Kind of..still trying to grok it fully with using pulumi .Output

But basically this makes the instance role available to use within the apply() function

`assumeRolePolicy` in the AWS API is actually type `string` right? So `new aws.iam.Role` actually converts the JSON you provide into`string`. It does this by calling `toString`, I believe.

no it doesn’t actually even do that, YOU have to do that.

So the reason `cluster.instanceRole` doesn’t work inside `JSON.stringify` is actually because `Output` is basically a promise.

So, in order to generate the correct string, `JSON.stringfy` has to be run inside the `.apply` —

otherwise you’re just `toString`’ing the promise. But you don’t want that. You want the value _inside_ the promise _once it resolves_

Yes..makes sense..I think i got a bit confused because in some places it is supported to directly use the pulumi.Output&lt;&gt; but not everywhere

It’s hard to grok, we’re actively working on simplifying. :slightly_smiling_face: