Intellipaat Back

Explore Courses Blog Tutorials Interview Questions
0 votes
2 views
in AWS by (5.6k points)

When I try to create an IAM role with existing managed policy:

"SomeRole": 

        {

            "Type": "AWS::IAM::Role",

            "Properties": 

            {

                "AssumeRolePolicyDocument": {},

                "ManagedPolicyArns": 

                [

                    "arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess",

                    "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess",

                    "arn:aws:iam::aws:policy/CloudWatchFullAccess"

                ],

                "RoleName": "SomeRole"

            }

        },

But I'm getting the syntax error at (1,3) position.

1 Answer

0 votes
by (12.4k points)

 Seems like you need to have some value in the "AssumeRolePolicyDocument".

Try with the below code:

{

  "Resources": {

    "NewRole": {

      "Type": "AWS::IAM::Role",

      "Properties": {

        "AssumeRolePolicyDocument": {

          "Version": "2012-10-17",

          "Statement": [

            {

              "Effect": "Allow",

              "Principal": {

                "Service": [

                  "ec2.amazonaws.com"

                ]

              },

              "Action": [

                "sts:AssumeRole"

              ]

            }

          ]

        },

        "ManagedPolicyArns": [

          "arn:aws:iam::aws:policy/AmazonKinesisReadOnlyAccess",

          "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess",

          "arn:aws:iam::aws:policy/CloudWatchFullAccess"

        ]

      }

    }

  }

}

Want to become AWS Expert? Come & join AWS Certification.

Refer to the below tutorial to learn more about IAM.

Related questions

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer
0 votes
1 answer
asked Dec 1, 2020 in AWS by devin (5.6k points)

31k questions

32.8k answers

501 comments

693 users

Browse Categories

...