I need to create a managed-type policy for the AWS IAM role, but I am only able to create an inline policy, which is causing permission issues when I try to make API requests with the resources. I am following the below:
```hcl
# Role that can be assumed from another account, gated by an external ID
resource "aws_iam_role" "Role1" {
  name = "Role-${var.name}"

  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "${var.AcoountID}"
      },
      "Action": "sts:AssumeRole",
      "Condition": {
        "StringEquals": {
          "sts:ExternalId": "${var.external_string}"
        }
      }
    }
  ]
}
EOF
}

# aws_iam_role_policy embeds the policy in the role as an inline policy
resource "aws_iam_role_policy" "IamPolicy1" {
  name = "policy-${var.name}"
  role = "${aws_iam_role.Role1.id}"

  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
      ],
      "Resource": "*"
    }
  ]
}
EOF
}
```
Am I doing something wrong here? I need the policy type to be created as MANAGED POLICY.
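
An added example, not part of the original post: in the Terraform AWS provider, `aws_iam_role_policy` always produces an inline policy, while a customer managed policy is a standalone `aws_iam_policy` attached to the role with `aws_iam_role_policy_attachment`. The resource names `ManagedPolicy1` and `Attach1` and the `s3:ListBucket` action are assumptions made for illustration, since the post's `Action` list is empty.

```hcl
# Customer managed policy: a standalone IAM object with its own ARN.
# It appears under "Policies" in the IAM console and can be attached
# to more than one role, unlike an inline policy.
resource "aws_iam_policy" "ManagedPolicy1" {
  name        = "policy-${var.name}"
  description = "Customer managed policy for Role-${var.name}"

  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket"
      ],
      "Resource": "*"
    }
  ]
}
EOF
}

# Attach the managed policy to the role defined in the post.
# The attachment takes the role NAME and the policy ARN.
resource "aws_iam_role_policy_attachment" "Attach1" {
  role       = "${aws_iam_role.Role1.name}"
  policy_arn = "${aws_iam_policy.ManagedPolicy1.arn}"
}
```

Replace the placeholder action with the exact API actions the role needs, and narrow `"Resource": "*"` to specific ARNs where the service supports it, so the role is granted no more than the requests require.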