Getting error in adding role policy to service linked role

Question

resource "aws_iam_service_linked_role" "AWSServiceRoleForLexV2" {
  aws_service_name = "lexv2.amazonaws.com"
  tags = local.common_tags
}

resource "aws_iam_role_policy" "lex2_policy" {
  name = "backend_bot_lex2_policy"
  role = aws_iam_service_linked_role.AWSServiceRoleForLexV2.id
  policy = jsonencode({
    "Version" : "2012-10-17",
    "Statement" : [
      {
        "Effect" : "Allow",
        "Action" : "logs:CreateLogGroup",
        "Resource" : "arn:aws:logs:eu-west-2:${var.aws_accountId}:*"
      },
      {
        "Effect" : "Allow",
        "Action" : [
          "logs:CreateLogStream",
          "logs:PutLogEvents"
        ],
        "Resource" : [
          "arn:aws:logs:eu-west-2:${var.aws_accountId}:log-group:*"
        ]
      }
    ]
  })
}

**Error**
Error putting IAM role policy backend_bot_lex2_policy: ValidationError: The specified value for roleName is invalid. It must contain only alphanumeric characters and/or the following: +=,.@_-
│ 	status code: 400,

joahna · Answer

In resource "aws_iam_role_policy", you should place .name instead of .id for the role: aws_iam_service_linked_role.AWSServiceRoleForLexV2**.name**.

However, note that you can't modify an Amazon Lex V2 service-linked role (only the description can be updated). Check this document for more info: https://docs.aws.amazon.com/lexv2/latest/dg/using-service-linked-roles.html

Getting error in adding role policy to service linked role

답변 추가

관련 콘텐츠