MalformedPolicyDocument: Policy document should not specify a principal.

Ask questionsMalformedPolicyDocument: Policy document should not specify a principal.

Terraform Version

Terraform v0.9.2

Affected Resource(s)

Please list the resources as a list, for example:

aws_iam_role_policy

Terraform Configuration Files

data "aws_iam_policy_document" "trust-assume-role-policy" {
  statement {

   actions = ["sts:AssumeRole"]

   principals {
     type        = "Service"
     identifiers = ["ec2.amazonaws.com"]
   }   

   principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::<account-id>:root"]
   }   
  }
}

resource "aws_iam_role_policy" "TrustUser" {
  name   = "TrustUser"
  role   = "SomeRole"
  policy = "${data.aws_iam_policy_document.trust-assume-role-policy.json}"
}

Debug Output

Panic Output

Expected Behavior

IAM Role updated with policy

Actual Behavior

MalformedPolicyDocument: Policy document should not specify a principal.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

`terraform plan1
terraform apply

Important Factoids

EC2 classic

References

GH-53

hashicorp/terraform

Answer questions hashibot[bot]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

useful!