- Le plus récent
- Le plus de votes
- La plupart des commentaires
Hi,
Thanks for reaching out to us! I see that you're concerned about receiving a MalformedPolicyDocument error while trying to call the PutUserPolicy API using an Ansible script.
While the content of the policy looks fine, from the error logs you have shared, it looks like you might be passing an additional set of quotes before and after the JSON script (as shown below).
'"{\n "Version": "2012-10-17",\n "Statement": [\n {\n "Sid": "yourSid",\n "Effect": "Allow",\n "Action": [\n "s3:*"\n ],\n "Resource": [\n "arn:aws:s3:::<s3-bucket-name>"\n ]\n }\n ]\n}\n"'
The reason I say this is because, when I pass the JSON script as expected, CloudTrail records the JSON script without the additional quotation mark ' before and after the JSON script as shown below:
"{\n "Version": "2012-10-17",\n "Statement": [\n {\n "Sid": "yourSid",\n "Effect": "Allow",\n "Action": [\n "s3:*"\n ],\n "Resource": [\n "arn:aws:s3:::<s3-bucket-name>"\n ]\n }\n ]\n} "
Could you please check for any additional quotes in your policy syntax when you pass the policy as a document sa_iam_policy.json.j2?
Please let us know if you continue to run into any such issues.
Note: As a reminder, I wanted to request that you not share any specific details on your resources over this platform. All questions and answers posted to re:Post are public. You should open a support case if your question involves sensitive information.
References:
- Grammar of the IAM JSON policy language - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
- https://repost.aws/faq
Contenus pertinents
- Réponse acceptéedemandé il y a 2 ans
- demandé il y a 7 mois
- demandé il y a 3 mois
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a un an