By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Syntax error in policy, while running 'iam create-policy', but there is no syntax mistake

0

Hi,

Im trying to create "revoke" session policy for iam user using command aws iam create-policy --policy-name "revoke-session" --policy-document JSON.json And the content of the JSON.json is

{
    "Version": "2012-10-17",
    "Statement": {
      "Effect": "Deny",
      "Action": "*",
      "Resource": "*",
      "Condition": {"DateLessThan": {"aws:TokenIssueTime": "2022-03-23T15:30:00Z"}}
    }
}

But if i run the command it says An error occurred (MalformedPolicyDocument) when calling the CreatePolicy operation: Syntax errors in policy.

If i create exact same policy trough AWS console everything works!

So, im confused, what can be wrong?

Topics
Security, Identity, & ComplianceManagement & Governance
Tags
AWS Identity and Access ManagementAWS Command Line InterfaceIAM Policies
Language
English
Joann Babak
asked 2 years ago1179 views
1 Answer
1
Accepted Answer

--policy-document, by default, takes the actual JSON content of the policy. To have the CLI read the content from a file, modify your command to use: --policy-document file://JSON.json.

(As issued, your command is passing JSON.json as the body of the policy document, which is why the service rejects it.)

profile pictureAWS
EXPERT
James_S
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content