Getting error in adding role policy to service linked role

0

resource "aws_iam_service_linked_role" "AWSServiceRoleForLexV2" { aws_service_name = "lexv2.amazonaws.com" tags = local.common_tags }

resource "aws_iam_role_policy" "lex2_policy" { name = "backend_bot_lex2_policy" role = aws_iam_service_linked_role.AWSServiceRoleForLexV2.id policy = jsonencode({ "Version" : "2012-10-17", "Statement" : [ { "Effect" : "Allow", "Action" : "logs:CreateLogGroup", "Resource" : "arn:aws:logs:eu-west-2:${var.aws_accountId}:" }, { "Effect" : "Allow", "Action" : [ "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource" : [ "arn:aws:logs:eu-west-2:${var.aws_accountId}:log-group:" ] } ] }) }

Error Error putting IAM role policy backend_bot_lex2_policy: ValidationError: The specified value for roleName is invalid. It must contain only alphanumeric characters and/or the following: +=,.@_- │ status code: 400,

asked 2 years ago1316 views
1 Answer
0

In resource "aws_iam_role_policy", you should place .name instead of .id for the role: aws_iam_service_linked_role.AWSServiceRoleForLexV2**.name**.

However, note that you can't modify an Amazon Lex V2 service-linked role (only the description can be updated). Check this document for more info: https://docs.aws.amazon.com/lexv2/latest/dg/using-service-linked-roles.html

profile picture
joahna
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions