https://pulumi.com logo
Title
w

worried-terabyte-60325

04/24/2022, 7:50 AM
Hi folks, I met an issue on creating aws serviceRole with pulumi, some code example needs to be updated. In pulumi's doc, rolePolicy string is
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowAssumeRole",
      "Effect": "Allow",
      "Principal": "<http://ec2.amazonaws.com|ec2.amazonaws.com>",
      "Action": "sts:AssumeRole"
    }
  ]
}
Which is different from AWS' doc
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "<http://ec2.amazonaws.com|ec2.amazonaws.com>"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
Different schema on
Principal
field. And that will cause error like:
Error creating IAM Role xxx-role-53da5df: MalformedPolicyDocument: Syntax error at position (6,41)
.