amazon-web-services - CloudFormation 堆栈类型：'AWS::IAM::Role'

问题描述

我有一个这样的 cloudformation 模板，用于创建启动 EKS 的角色

---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'moba production'

Parameters:
  EKSIAMRoleName:
    Type: String
    Description: The name of the IAM role for the EKS service to assume.
Resources:
  EKSIAMRole:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
        Principal:
          Service:
            - eks.amazonaws.com
        Action:
          - 'sts:AssumeRole'
      RoleName: !Ref EKSIAMRoleName
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
        - arn:aws:iam::aws:policy/AmazonEKSServicePolicy
Outputs:
  EKSIAMRole:
    Description: EKSIAMRole
    Value: !Ref EKSIAMRole

但是我收到了这条消息Missing required field Principal，请帮助解决它，谢谢

缺少必填字段 Principal（服务：AmazonIdentityManagement；状态代码：400；错误代码：MalformedPolicyDocument；请求 ID：af18b2eb-06b0-474e-82bc-b80505f544fd；代理：null）

标签： amazon-web-servicesamazon-cloudformation

你有不正确的缩进。它应该是：

---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'moba production'

Parameters:
  EKSIAMRoleName:
    Type: String
    Description: The name of the IAM role for the EKS service to assume.
Resources:
  EKSIAMRole:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
                Service:
                    - eks.amazonaws.com
            Action:
            - 'sts:AssumeRole'
      RoleName: !Ref EKSIAMRoleName
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
        - arn:aws:iam::aws:policy/AmazonEKSServicePolicy
Outputs:
  EKSIAMRole:
    Description: EKSIAMRole
    Value: !Ref EKSIAMRole

amazon-web-services - CloudFormation 堆栈类型：'AWS::IAM::Role'

问题描述

解决方案

推荐阅读