Add a role to another role's trust relationship via Node.js
I want to add a role to another role's trust relationship using the Node.js AWS library. I tried to create a policy and then attach it to the main role, but it's not working. What am I doing wrong?
/**
 * Ask IAM to create a managed policy named `TrustRelationship_<RoleName>`
 * whose single statement allows `sts:AssumeRole` for the given role ARN.
 *
 * NOTE(review): IAM rejects this document with MalformedPolicyDocument because
 * a managed (identity-based) policy may not contain a "Principal" element.
 * A role's trust relationship is its assume-role policy document, which is
 * changed with `updateAssumeRolePolicy`, not `createPolicy`. That call replaces
 * the whole trust document, so existing principals have to be carried over,
 * and every principal added there widens who can assume the role.
 *
 * @param {string} RoleName name of the role to reference as the principal
 * @returns {Promise<*>} resolves with the callback data, also when the error
 *   name is 'EntityAlreadyExists'; rejects with any other error
 */
createTrustPolicy(RoleName) {
  return new Promise((resolve, reject) => {
    // NOTE(review): RoleName is interpolated into hand-built JSON without
    // escaping; JSON.stringify on an object would be the safer construction.
    const documentParts = [
      '{',
      ' "Version": "2012-10-17",',
      ' "Statement": [',
      ' {',
      ' "Effect": "Allow",',
      ` "Principal": {"AWS":"arn:aws:iam::${aws_account_id}:role/${RoleName}"},`,
      ' "Action": "sts:AssumeRole"',
      ' }',
      ' ]',
      '}',
    ];
    const request = {
      PolicyDocument: documentParts.join(''),
      PolicyName: `TrustRelationship_${RoleName}`,
      Description: 'The Policy that will be used to add the green grass role to be added to trust relationship',
    };
    this.iam.createPolicy(request, (err, data) => {
      // An already existing policy is treated as success.
      if (err && err.name !== 'EntityAlreadyExists') {
        reject(err);
      } else {
        resolve(data);
      }
    });
  });
}
/**
* Attach the trust policy to the AWS
* role that is federated to use the GCP identity.
* @param {*} RoleName the Greengrass Role Name
*/
AttachTrustPolicyToFederatedRole(RoleName) {
  // Resolves with the attachRolePolicy callback data, rejects with its error.
  // NOTE(review): attachRolePolicy attaches a managed policy to the role as a
  // permissions policy; it does not modify the role's trust relationship,
  // which lives in the role's assume-role policy document.
  return new Promise((resolve, reject) => {
    const request = {
      // ARN follows the TrustRelationship_<RoleName> naming scheme.
      PolicyArn: `arn:aws:iam::${aws_account_id}:policy/TrustRelationship_${RoleName}`,
      RoleName: "federation_pubsub_greengrass_to_itclient",
    };
    this.iam.attachRolePolicy(request, (err, data) => {
      if (err) {
        reject(err);
      } else {
        resolve(data);
      }
    });
  });
}
I get the following error:
MalformedPolicyDocument: Policy document should not specify a principal..
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
