No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

That should definitely work as-is and not result in that error.  Is there anything else in your repro case that might be triggering this?

I think the error is from a slightly different construction where the apply is called from inside the object?

Yeah, the error happens when I use it like this.

```
  const taskRolePolicy = new aws.iam.Policy('ecs-XXXXXX-task', {
    name: 'ecs-XXXXXX-task',
    policy: JSON.stringify({
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "kms:Decrypt"
          ],
          "Resource": [
            kmsKey.id.apply(id =&gt; id)
          ]
        }
      ]
    })
  })
```

or this
```
  const taskRolePolicy = new aws.iam.Policy('ecs-XXXXXX-task', {
    name: 'ecs-XXXXX-task',
    policy: `{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "kms:Decrypt"
      ],
      "Resource": [
        ${kmsKey.id.apply(id =&gt; id)}
      ]
    }
  ]
}`
  })
```

<@UD2HJDBCL> they are expected: see the other way I posted here: <https://pulumi-community.slack.com/archives/C84L4E3N1/p1554173011157600>