Hi all,
I’ve just taken over some Terraform automation and am attempting to configure an S3 bucket with various permissions.
I’m trying to add an additional policy that adds a pre-configured IAM role onto the bucket with the relevant actions.
I have created a policy before this one that works for adding another AWS user, but when I add this one and run the plan it succeeds, then on apply it hangs on modifying and errors with a MalformedPolicy, status code 400?
Any help would be appreciated.
policy = <<POLICY
{
  "Id": "name",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "name",
      "Action": [
        "s3:GetObject",
        "s3GetObjectVersion",
        "s3:ListBucketVersions",
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::${local.s3_bucket_name}",
        "arn:aws:s3:::${local.s3_bucket_name}/*"
      ],
      "Principal": {
        "AWS": ["arn:aws:iam::awsaccountdetails:role/service-role/username"]
      }
    }
  ]
}
POLICY
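
An added example, not part of the original post: `terraform plan` does not submit the policy document to S3, so a syntax problem inside the heredoc only surfaces at apply time as MalformedPolicy. The sketch below lints a rendered bucket policy before apply; the function names, the simplified regexes, and the sample bucket name and account ID are assumptions made for illustration.

```python
import json
import re

# Constructed sample mirroring the policy in the post; the bucket name and
# account ID are placeholders, not values from the page.
SAMPLE_POLICY = """
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "name",
    "Effect": "Allow",
    "Action": ["s3:GetObject", "s3GetObjectVersion", "s3:ListBucket"],
    "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
    "Principal": {"AWS": ["arn:aws:iam::123456789012:role/service-role/example"]}
  }]
}
"""

# Simplified shapes (assumption): "service:Action" with optional wildcards, and
# an AWS principal given as "*", a 12-digit account ID, or an IAM/STS ARN.
ACTION_RE = re.compile(r"^(\*|[a-z0-9-]+:[A-Za-z0-9*?]+)$")
PRINCIPAL_RE = re.compile(r"^(\*|\d{12}|arn:aws[a-z-]*:(iam|sts)::\d{12}:.+)$")


def as_list(value):
    """IAM accepts a single string or a list for most elements."""
    return [] if value is None else value if isinstance(value, list) else [value]


def lint_bucket_policy(policy_json):
    """Return a list of findings; an empty list means no syntax problems found."""
    findings = []
    policy = json.loads(policy_json)  # raises ValueError on broken JSON
    for i, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") not in ("Allow", "Deny"):
            findings.append(f"Statement[{i}]: Effect must be Allow or Deny")
        for action in as_list(stmt.get("Action")):
            if not ACTION_RE.match(action):
                findings.append(f"Statement[{i}]: action {action!r} is not service:Action")
        principal = stmt.get("Principal")
        aws = principal.get("AWS") if isinstance(principal, dict) else None
        for arn in as_list(aws):
            if not PRINCIPAL_RE.match(arn):
                findings.append(f"Statement[{i}]: principal {arn!r} is not a valid AWS principal")
    return findings


if __name__ == "__main__":
    for finding in lint_bucket_policy(SAMPLE_POLICY):
        print(finding)
```

Run it against the policy text after Terraform interpolation (for example the value shown in the plan output), since `${local.s3_bucket_name}` must already be resolved for the JSON to be checked as S3 will see it.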