Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Syntax error in policy, while running 'iam create-policy', but there is no syntax mistake

0

Hi,

Im trying to create "revoke" session policy for iam user using command aws iam create-policy --policy-name "revoke-session" --policy-document JSON.json And the content of the JSON.json is

{
    "Version": "2012-10-17",
    "Statement": {
      "Effect": "Deny",
      "Action": "*",
      "Resource": "*",
      "Condition": {"DateLessThan": {"aws:TokenIssueTime": "2022-03-23T15:30:00Z"}}
    }
}

But if i run the command it says An error occurred (MalformedPolicyDocument) when calling the CreatePolicy operation: Syntax errors in policy.

If i create exact same policy trough AWS console everything works!

So, im confused, what can be wrong?

Topics
Management & GovernanceSecurity, Identity, & Compliance
Tags
AWS Command Line InterfaceAWS Identity and Access ManagementIAM Policies
Language
English
asked 4 years ago1.9K views
1 Answer
1
Accepted Answer

--policy-document, by default, takes the actual JSON content of the policy. To have the CLI read the content from a file, modify your command to use: --policy-document file://JSON.json.

(As issued, your command is passing JSON.json as the body of the policy document, which is why the service rejects it.)

AWS
EXPERT
answered 4 years ago
EXPERT
reviewed 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content