I have a CloudFormation template like this, to create a role to launch EKS:
---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'moba production'
Parameters:
  EKSIAMRoleName:
    Type: String
    Description: The name of the IAM role for the EKS service to assume.
Resources:
  EKSIAMRole:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
        Principal:
          Service:
            - eks.amazonaws.com
        Action:
          - 'sts:AssumeRole'
      RoleName: !Ref EKSIAMRoleName
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
        - arn:aws:iam::aws:policy/AmazonEKSServicePolicy
Outputs:
  EKSIAMRole:
    Description: EKSIAMRole
    Value: !Ref EKSIAMRole
But I got this message: Missing required field Principal. Please help with a clue to fix it, thanks.
Missing required field Principal (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: af18b2eb-06b0-474e-82bc-b80505f544fd; Proxy: null)
CodePudding user response:
You have incorrect indentation. It should be:
---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'moba production'
Parameters:
  EKSIAMRoleName:
    Type: String
    Description: The name of the IAM role for the EKS service to assume.
Resources:
  EKSIAMRole:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - eks.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      RoleName: !Ref EKSIAMRoleName
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
        - arn:aws:iam::aws:policy/AmazonEKSServicePolicy
Outputs:
  EKSIAMRole:
    Description: EKSIAMRole
    Value: !Ref EKSIAMRole
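
The IAM error above means a statement in the role's trust policy has no Principal, which is the shape a YAML parser produces when Principal and Action are indented level with Statement instead of inside its list item. The following check is an added example, not part of the original answer; it works on an already-parsed template, and the function names and sample dicts are constructed for illustration.

```python
# Added example: lint IAM role trust policies in an already-parsed template.
# All names and sample dicts below are constructed for illustration.
STATEMENT_ONLY = {"Sid", "Effect", "Principal", "NotPrincipal",
                  "Action", "NotAction", "Condition"}


def lint_trust_policies(template):
    """Return findings for every AWS::IAM::Role trust policy in the template."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::IAM::Role":
            continue
        doc = res.get("Properties", {}).get("AssumeRolePolicyDocument", {})
        # Statement keys at document level mean the YAML was dedented too far.
        for key in sorted(set(doc) & STATEMENT_ONLY):
            findings.append(f"{name}: '{key}' sits beside Statement, not inside it")
        statements = doc.get("Statement", [])
        if isinstance(statements, dict):  # a single statement object is also valid
            statements = [statements]
        for i, stmt in enumerate(statements):
            if "Effect" not in stmt:
                findings.append(f"{name}: Statement[{i}] missing Effect")
            if not {"Principal", "NotPrincipal"} & set(stmt):
                findings.append(f"{name}: Statement[{i}] missing Principal")
            if not {"Action", "NotAction"} & set(stmt):
                findings.append(f"{name}: Statement[{i}] missing Action")
    return findings


def role(policy_document):
    """Wrap a trust policy in the resource skeleton used on this page."""
    return {"Resources": {"EKSIAMRole": {
        "Type": "AWS::IAM::Role",
        "Properties": {"AssumeRolePolicyDocument": policy_document}}}}


PRINCIPAL = {"Service": ["eks.amazonaws.com"]}
# Constructed: parsed shape when Principal and Action are dedented out of the item.
BROKEN = role({"Version": "2012-10-17", "Statement": [{"Effect": "Allow"}],
               "Principal": PRINCIPAL, "Action": ["sts:AssumeRole"]})
# Constructed: parsed shape of the corrected template.
FIXED = role({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": PRINCIPAL, "Action": ["sts:AssumeRole"]}]})

if __name__ == "__main__":
    for label, template in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint_trust_policies(template) or "ok")
```

Running a check like this before deployment surfaces the misplaced keys by name, rather than leaving them to appear as a MalformedPolicyDocument error during stack creation.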