MalformedPolicyDocument iam-policy.json

kubernetes-sigs / aws-load-balancer-controller

A Kubernetes controller for Elastic Load Balancers

https://kubernetes-sigs.github.io/aws-load-balancer-controller/

Apache License 2.0

3.93k stars 1.46k forks source link

MalformedPolicyDocument iam-policy.json #1415

Closed davidcsi closed 3 years ago

davidcsi commented 4 years ago

I just tried using

https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/master/docs/examples/iam-policy.json

like:

$ aws iam create-policy --policy-name ALBIngressControllerIAMPolicy --policy-document https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/master/docs/examples/iam-policy.json

and got:

An error occurred (MalformedPolicyDocument) when calling the CreatePolicy operation: Syntax errors in policy.

Thanks

davidcsi commented 4 years ago

Funny this, if i use the document to create the policy in AWS CONSOLE, it works fine.

smuramshetty commented 4 years ago

@davidcsi if you are still facing issue - this should work

aws iam create-policy --policy-name ALBIngressControllerIAMPolicy --policy-document file://"\iam-policy.json"

davidcsi commented 4 years ago

Thanks, I will try that. Regards,

David Villasmil email: david.villasmil.work@gmail.com phone: +34669448337

On Mon, Oct 12, 2020 at 6:53 PM smuramshetty notifications@github.com wrote:

@davidcsi https://github.com/davidcsi if you are still facing issue - this should work

aws iam create-policy --policy-name ALBIngressControllerIAMPolicy --policy-document file://"\iam-policy.json"

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/kubernetes-sigs/aws-alb-ingress-controller/issues/1415#issuecomment-707263127, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAG4L4DY6AVQ3C5ZERBEJFDSKM7C7ANCNFSM4RK36LZQ .

M00nF1sh commented 3 years ago

@davidcsi Seems the AWSSDK behavior changed, you need to first download the policy as file, and use "file://` to create it.

curl -o iam_policy.json  https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/main/docs/install/iam_policy.json
aws iam create-policy --policy-name ALBIngressControllerIAMPolicy --policy-document file://iam_policy.json

closing this, feel free to reopen if we have any other issues

yungyili commented 2 years ago

@davidcsi if you are still facing issue - this should work

aws iam create-policy --policy-name ALBIngressControllerIAMPolicy --policy-document file://"\iam-policy.json"

This solution works for me. Thank you so much!

mbigras commented 1 year ago

Also, to avoid persisting the iam-policy.json file, you can use Bash process substitution like the following shell session illustrates.

$ aws iam create-policy \
    --policy-name ALBIngressControllerIAMPolicy \
    --policy-document https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.4/docs/examples/iam-policy.json

An error occurred (MalformedPolicyDocument) when calling the CreatePolicy operation: Syntax errors in policy.
$ aws iam create-policy \
    --policy-name ALBIngressControllerIAMPolicy \
    --policy-document file://<(curl -sS https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.4/docs/examples/iam-policy.json)
{
    "Policy": {
        "PolicyName": "ALBIngressControllerIAMPolicy",
# ...