alert-laptop-81342
12/14/2022, 3:25 PMimport pulumi
import json
import pulumi_aws as aws
managed_policy_arns = [
"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
]
assume_role_policy = json.dumps({
"Version": "2012-10-17",
"Statement": [{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Sid": None,
"Principal": {
"Service": "<http://ec2.amazonaws.com|ec2.amazonaws.com>",
},
}],
})
role1 = aws.iam.Role("jarvis",
assume_role_policy=assume_role_policy,
managed_policy_arns=managed_policy_arns)
When I try to run I get MalformedPolicyDocument error. I debugged following this https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-malformed-policy-errors/ and I saw that the assumeRolePolicyDocument seemed bad formatted, it was like this:
{
"path": "/",
"roleName": "jarvis-1be401b",
"assumeRolePolicyDocument": "{"Version": "2012-10-17", "Statement": [{"Action": "sts:AssumeRole", "Effect": "Allow", "Sid": null, "Principal": {"Service": "<http://ec2.amazonaws.com|ec2.amazonaws.com>"}}]}",
"maxSessionDuration": 3600
}
But it seems it should not the double quotes at the beginning... anyone else with this problem? any work around it?
Appreciate your attentiongifted-fall-44000
12/14/2022, 3:29 PMalert-laptop-81342
12/14/2022, 3:33 PMorange-computer-56642
12/15/2022, 11:54 AMSid
to an empty string, or some arbitrary "id" instead of null
(or None
/ nil
etc depending on the language)🤷stocky-restaurant-98004
12/15/2022, 6:09 PMSid
at all and it should work.