https://pulumi.com logo
Powered by
l

limited-army-96747

12/15/2021, 1:08 AM
Hey guys, I am trying to create a iam role using eks oidc information, but I keep getting an error that I can't seem to solve
Copy code
const albPodRole = new aws.iam.Role('alb-service-account-role', {
  assumeRolePolicy: `{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Federated": "${eksCluster.core.oidcProvider?.arn}"
      },
      "Action": "sts:AssumeRoleWithWebIdentity",
      "Condition": {
        "ForAnyValue:StringEquals": {
          "${eksCluster.core.oidcProvider?.url}:sub": ["system:serviceaccount:kube-system:alb-controller-aws-load-balancer-controller"]
        }
        
      }
    }
  ]
}
`,
}, {
  dependsOn: eksCluster,
})
b

billowy-army-68599

12/15/2021, 1:57 AM
@limited-army-96747 you’re passing an output to a string, you need to use an apply. See here:
l

limited-army-96747

12/15/2021, 12:43 PM
Beautiful. @billowy-army-68599 thank you
3 Views
Powered by