Hey guys, I am trying to create a iam role using eks oidc information, but I keep getting an error that I can't seem to solve

const albPodRole = new aws.iam.Role('alb-service-account-role', {
  assumeRolePolicy: `{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Federated": "${eksCluster.core.oidcProvider?.arn}"
      },
      "Action": "sts:AssumeRoleWithWebIdentity",
      "Condition": {
        "ForAnyValue:StringEquals": {
          "${eksCluster.core.oidcProvider?.url}:sub": ["system:serviceaccount:kube-system:alb-controller-aws-load-balancer-controller"]
        }
        
      }
    }
  ]
}
`,
}, {
  dependsOn: eksCluster,
})

@limited-army-96747 you’re passing an output to a string, you need to use an apply. See here:

Beautiful. @billowy-army-68599 thank you