Syntax error in policy, while running 'iam create-policy', but there is no syntax mistake

Question

Hi,

Im trying to create "revoke" session policy for iam user using command `aws iam create-policy --policy-name "revoke-session" --policy-document JSON.json`
And the content of the `JSON.json` is 
```
{
    "Version": "2012-10-17",
    "Statement": {
      "Effect": "Deny",
      "Action": "*",
      "Resource": "*",
      "Condition": {"DateLessThan": {"aws:TokenIssueTime": "2022-03-23T15:30:00Z"}}
    }
}
```
But if i run the command it says `An error occurred (MalformedPolicyDocument) when calling the CreatePolicy operation: Syntax errors in policy.`

**If i create exact same policy trough AWS console everything works!**

So, im confused, what can be wrong?

Accepted Answer

`--policy-document`, by default, takes the actual JSON content of the policy. To have the CLI read the content from a file, modify your command to use: `--policy-document file://JSON.json`.

(As issued, your command is passing `JSON.json` as the body of the policy document, which is why the service rejects it.)

Syntax error in policy, while running 'iam create-policy', but there is no syntax mistake

相关内容