Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Missing required field Principal

0

Bellow is what I have to to create an IAM role using terraform. Whenever I init it says that I am missing a field principal? Where/What am I missing?

resource "aws_iam_role" "role_identifier" { name = var.role_name assume_role_policy = jsonencode({ Version = "2012-10-17", #policy language version Statement = [ { Action = "sts:AssumeRole", #Allows role to be assumed Effect = "Allow" Sid = "" Principal = { Service = "ec2.amazonaws.com" } }, { Action = "AssumeRole", Effect = "Allow" } ] }) }

Themen
KalkulationSicherheit, Identität & Konformität
Tags
Amazon EC2IAM-RichtlinienTerraform
Sprache
English
DMaras
gefragt vor 7 Monaten751 Aufrufe
2 Antworten
3
Akzeptierte Antwort

This should do it

resource "aws_iam_role" "role_identifier" {
  name = var.role_name

  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = "sts:AssumeRole"
        Effect = "Allow"
        Sid    = ""
        Principal = {
          Service = "ec2.amazonaws.com"
        }
      },
    ]
  })
}
profile picture
EXPERTE
Gary Mclean
beantwortet vor 7 Monaten
0

Hi,

Your policy contains two statements. The first part has Principal but the second part only has the following:

{ Action = "AssumeRole", Effect = "Allow" }

This second part needs to be cleaned up as it looks like it is not required.

profile pictureAWS
Feng_C
beantwortet vor 7 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt