I am a software developer who is currently working on an AWS project. While trying to create a new role, I keep facing the same problem. Whenever I try to create a new IAM role with a certain policy document, AWS CloudFormation throws an error message stating that the ‘createRole’ action has a prohibited field.
Here is the code I am using to create the role:
Resources:
  myRole:
    Type: 'AWS::IAM::Role'
    Properties:
      RoleName: 'myRole'
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ec2.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonS3FullAccess
        - arn:aws:iam::aws:policy/AmazonEC2FullAccess
      Policies:
        - PolicyName: 'myPolicy'
          PolicyDocument:
            Statement:
              - Effect: Allow
                Action: ['ec2:StartInstances']
                Resource: ['arn:aws:ec2:*:*:instance/*']
What could be causing this error message? I have tried various ways to change the policy document, but I still get the same error. Is there something wrong with my IAM role creation syntax? Any help would be much appreciated.