Hi,
I try to create a role for a Lambda and when run the plan it’s ok, but on apply i receive the error:
Error: “policy” contains an invalid JSON policy
I already try on the AWS to create the policy manually, and it’s ok
with TF_LOG doesn’t show to much only a 400 error.
I don’t if i’m right
resource "aws_iam_role_policy" "iam_for_queue_NAME" {
name = "policy-lambda-sqs-NAME"
role = aws_iam_role.iam_for_queue_NAME.id
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogStream",
"logs:CreateLogGroup"
],
"Resource": [
"${aws_cloudwatch_log_group.NAME.arn}*:*"
],
"Effect": "Allow"
},
{
"Action": [
"logs:PutLogEvents"
],
"Resource": [
"${aws_cloudwatch_log_group.NAME.arn}*:*"
],
"Effect": "Allow"
},
{
"Action": [
"sqs:DeleteMessage",
"sqs:ReceiveMessage"
],
"Resource": "${aws_sqs_queue.NAME.arn}",
"Effect": "Allow"
},
{
"Action": [
"sqs:ReceiveMessage",
"sqs:DeleteMessage",
"sqs:GetQueueAttributes"
],
"Resource": [
"${aws_sqs_queue.NAME.arn}"
],
"Effect": "Allow"
}
]
}
EOF
}
Thanks so much