No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

yea, I just changed some of the specifics, IE sanitized arns

When I run that code I get:

```
    Exception: invocation of aws:iam/getPolicy:getPolicy returned an error: invoking aws:iam/getPolicy:getPolicy: Error reading IAM policy *:policy/policy_test: InvalidInput: ARN *:policy/policy_test is not valid.
```

That seems expected - it is not clear that it is legal to get a policy using a wildcard?

thats cause I didn't want to expose my real arn to this slack

The part that is confusing me the most is this `sys:1: RuntimeWarning: coroutine 'get_instance_profile' was never awaited`

Okay - I can reproduce this.

I *think* that that warning is a symptom not that cause - that is - because there is a crash, the coroutine never gets awaited - not the other way round.  But need to investigate the crash itself.

OK good to know i am not doing something wrong here

Okay - so the problem is that `get_instance_profile` returns a `GetInstanceProfileResult`, not a string.   And you need to pass a string (the name of the profile) to `RolePolicyAttachment`.

So this code works:

```
import pulumi
from pulumi_aws import s3, ec2, iam

async def get_profile():
    instance_profile = await iam.get_instance_profile(name="webServerProfile-ad563fb")
    return instance_profile.name

async def get_policy(): 
    policy = await iam.get_policy(arn="arn:aws:iam::aws:policy/AdministratorAccess")
    return policy.arn

iam.RolePolicyAttachment(role=get_profile(),resource_name="policy_test",policy_arn=get_policy())
```

(actually - I take that back - that code leads to another issue...)

But the bigger point perhaps here is that you don't need these `get_` calls at all - you can just pass the same strings you used as inputs to the resource:


```
import pulumi
from pulumi_aws import s3, ec2, iam

iam.RolePolicyAttachment(role="webServerProfile-ad563fb",resource_name="policy_test",policy_arn="arn:aws:iam::aws:policy/AdministratorAccess")
```

Now - there are a couple different bugs here though - I'll open those to track.

my reasoning in doing the get was to get the pythonic object back for use in other parts of the code, but in this case, I totally get that the string would suffice