Malformed S3 policy

Hi all,
I’ve just taken over some Terraform automation and attempting to configure an s3 bucket with various permissions.
I’m trying to add an additional policy of adding a pre-configured iam role onto the bucket with the relevant actions.
I have created a policy before this one that works on adding another aws user but when i add this and run the plan it succeeds, but on apply it hangs on modifying then errors with a malformedpolicy, status code 400?

Any help would be appreciated.

policy = <<POLICY
  {
   "Id": "name",
   "Version": "2012-10-17",
   "Statement" :[
    {
      "Sid": "name",
      "Action" :[
         "s3:GetObject",
         "s3GetObjectVersion",
         "s3:ListBucketVersions",
         "s3:ListBucket"
       ],
       "Effect" :"Allow",
       "Resource" : [
       "arn:aws:s3:::${local.s3_bucket_name}",
       "arn:aws:s3:::${local.s3_bucket_name}/*"  
       ],
       "Principal": {
          "AWS":["arn:aws:iam::awsaccountdetails:role/service-role/username"]
       }
     }
   ]
  } 
POLICY

Hi @mark-1234!

It sounds like the error you’re getting here is coming from the remote AWS API rather than from Terraform itself, but if you can share the full error message text exactly as printed by Terraform then I or someone else might have some ideas on how to respond to it.

Thanks!