Aman Khanna

Reputation: 375

Creating a role gives error

I am using the following CLI command to create a role and attach a policy:

aws iam create-role --role-name SMS-Role --assume-role-policy-document file://D:\AWS\Cognito\SMSRolePolicy.txt

SMSRolePolicy.txt contains the following policy:

{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Resource": "*",
    "Action": "sns:publish"
  }
}

On executing the CLI script I get the following error:

An error occurred (MalformedPolicyDocument) when calling the CreateRole operation: Has prohibited field Resource

Upvotes: 0

Views: 742

Answers (1)

Sam

Reputation: 873

What? Where is your trust relationship policy document? Your code works for adding policies to an existing attached role. To attach the role, you need to have AssumeRole permission for the resource. It should be something like:

{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole"
  }
}

Follow the Amazon link to set it up correctly.

Upvotes: 0
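
A local pre-flight check for the mix-up in this thread, added here as an example (it is not code from the question, the answer, or AWS): it tells a role trust policy, which `--assume-role-policy-document` expects, apart from a permissions policy. The function names are hypothetical and the rules are a simplified approximation of IAM's validation; the two sample documents are copied from the posts above.

```python
import json

# Sample inputs: the asker's document and the answer's trust policy.
ASKER_DOC = json.loads('{"Version": "2012-10-17", "Statement": '
                       '{"Effect": "Allow", "Resource": "*", "Action": "sns:publish"}}')
TRUST_DOC = json.loads('{"Version": "2012-10-17", "Statement": '
                       '{"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"}, '
                       '"Action": "sts:AssumeRole"}}')


def _statements(doc):
    """IAM allows Statement to be a single object or a list of objects."""
    stmts = doc.get("Statement", [])
    return [stmts] if isinstance(stmts, dict) else list(stmts)


def _actions(stmt):
    """Action may be a single string or a list of strings."""
    acts = stmt.get("Action", [])
    return [acts] if isinstance(acts, str) else list(acts)


def trust_policy_problems(doc):
    """Reasons the document cannot be used as a role's trust policy."""
    problems = []
    for i, stmt in enumerate(_statements(doc)):
        for field in ("Resource", "NotResource"):
            if field in stmt:
                problems.append(f"statement {i}: has prohibited field {field}")
        if "Principal" not in stmt and "NotPrincipal" not in stmt:
            problems.append(f"statement {i}: missing Principal")
        bad = [a for a in _actions(stmt) if not a.lower().startswith("sts:")]
        if bad:
            problems.append(f"statement {i}: non-STS action(s) {bad}")
    return problems


def permissions_policy_problems(doc):
    """Reasons the document cannot be attached as the role's permissions policy."""
    problems = []
    for i, stmt in enumerate(_statements(doc)):
        if "Principal" in stmt or "NotPrincipal" in stmt:
            problems.append(f"statement {i}: has prohibited field Principal")
        if "Resource" not in stmt and "NotResource" not in stmt:
            problems.append(f"statement {i}: missing Resource")
    return problems
```

The asker's document passes `permissions_policy_problems` but fails `trust_policy_problems`, so it belongs in a separate permissions policy added to the role after creation (for example with `aws iam put-role-policy`), not in the `create-role` call.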
