1
我试图设置将有权访问群集的红移群集和IAM角色。我正在使用terraform。根据documentation我需要创建一个服务角色并将AmazonS3ReadOnlyAccess策略附加到它。我有以下的配置在我terraform脚本:Terraform:AWS Redshift IAM角色
resource "aws_iam_role" "my_admin_role" {
name = "my-role"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:Get*",
"s3:List*",
"redshift:*"
],
"Resource": "*"
}
]
}
EOF
}
但是这给了我一个错误:
错误:
* aws_iam_role.my_admin_role: "assume_role_policy": required field is not set
* aws_iam_role.my_admin_role: : invalid or unknown key: policy
如何设置红移一个服务的角色?