I'm following this AWS tutorial. On page 46 where you add permissions to IAM role, the json code causes errors. The error is, Ln 10, Col 1JSON Syntax Error: Fix the JSON syntax error at index 168 line 10 column 1, wherever a comma follows curly bracket. Removing the comma and/or curly bracket doesn't work.
Here's the json I have:
{
"Sid": "describeLogGroups",
"Effect": "Allow",
"Action": [
"logs:DescribeLogGroups"
],
"Resource": [
"arn:aws:logs:<us-west-2>:<MY_ACCOUNT_ID>:log-group:*"
]
},
{
"Sid": "describeLogStreams",
"Effect": "Allow",
"Action": [
"logs:DescribeLogStreams"
],
"Resource": [
"arn:aws:logs:<us-west-2>:<MY_ACCOUNT_ID>:log-group:*:log-stream:*"
]
},
{
"Sid": "createLogStream",
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:PutRetentionPolicy"
],
"Resource": [
"arn:aws:logs:<us-west-2>:<MY_ACCOUNT_ID>:loggroup:<SessionManagerLogGroup>:*"
]
},
{
"Sid": "putEvents",
"Effect": "Allow",
"Action": [
"logs:PutLogEvents",
"logs:GetLogEvents"
],
"Resource": [
"arn:aws:logs:<us-west-2>:<MY_ACCOUNT_ID>:loggroup:<SessionManagerLogGroup>:log-stream:*"
]
},
{
"Sid": "listBucket",
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::<session-manager-log-bucket123>"
},
{
"Sid": "putObject",
"Effect": "Allow",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::<session-manager-log-bucket123>/*"
}
What adjustments need to be made to fix the code?
You seem to be missing the Version and Statement portions of your policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "...",
"Resource": "..."
}
]
}