MalformedPolicyDocument: Policy document should not specify a principal.

Terraform Version

Terraform v0.9.2

Affected Resource(s)

Please list the resources as a list, for example:

  • aws_iam_role_policy

Terraform Configuration Files

data "aws_iam_policy_document" "trust-assume-role-policy" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }

    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::<account-id>:root"]
    }
  }
}

resource "aws_iam_role_policy" "TrustUser" {
  name   = "TrustUser"
  role   = "SomeRole"
  policy = "${data.aws_iam_policy_document.trust-assume-role-policy.json}"
}

Debug Output

Panic Output

Expected Behavior

IAM Role updated with policy

Actual Behavior

MalformedPolicyDocument: Policy document should not specify a principal.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. `terraform plan`
  2. `terraform apply`

Important Factoids

EC2 classic

References

  • GH-53
hashicorp/terraform
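
The error above is what the IAM API returns when a document containing a principal is submitted as a role's inline permissions policy, which is what `aws_iam_role_policy` manages; principals belong in the role's trust policy, set through `assume_role_policy` on `aws_iam_role`. The following is an added example, not configuration from the issue author or the Terraform project, showing the two documents kept apart. It assumes the role `SomeRole` is managed in the same configuration, and the `role-permissions` document with its `ec2:DescribeInstances` action is a hypothetical placeholder.

```hcl
# Trust policy: states WHO may assume the role. Principals are valid here.
data "aws_iam_policy_document" "trust-assume-role-policy" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }

    principals {
      type = "AWS"
      # The account root ARN trusts the whole account: any identity in it
      # that is allowed sts:AssumeRole can take this role. Name specific
      # role or user ARNs when narrower trust is intended.
      identifiers = ["arn:aws:iam::<account-id>:root"]
    }
  }
}

# The trust policy is attached to the role itself.
resource "aws_iam_role" "SomeRole" {
  name               = "SomeRole"
  assume_role_policy = "${data.aws_iam_policy_document.trust-assume-role-policy.json}"
}

# Permissions policy: states WHAT the role may do. No principals block,
# because the principal is implicitly the role the policy is attached to.
# The action and resource below are placeholders (assumption).
data "aws_iam_policy_document" "role-permissions" {
  statement {
    actions   = ["ec2:DescribeInstances"]
    resources = ["*"]
  }
}

resource "aws_iam_role_policy" "RolePermissions" {
  name   = "RolePermissions"
  role   = "${aws_iam_role.SomeRole.id}"
  policy = "${data.aws_iam_policy_document.role-permissions.json}"
}
```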

hashibot[bot]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
