2 Answers
- Newest
- Most votes
- Most comments
0
For service role you need this as trusted entity (can be without conditions):
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "elasticbeanstalk.amazonaws.com"
},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"sts:ExternalId": "elasticbeanstalk"
}
}
}
]
}
And add this managed policy as a policy: AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy
For EC2 instance role you need this as trusted entity, also add needed permissions.
{
"Version": "2008-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
0
okay... I finally figure it out. I didn't select an EC2 instance profile. After I added that, there is no error.
answered 10 months ago
Relevant content
- Accepted Answerasked 5 days ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 21 days ago
- AWS OFFICIALUpdated 9 months ago