AWS Policy must contain valid version string
I am getting error "This policy contains the following error: The policy must contain a valid version string For more information about the IAM policy grammar" even i included version in my policy when trying to create a new policy in AWS. My policy is
{
"Version": "2015-06-19",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::repo.com",
"arn:aws:s3:::repo.com/*"
]
}
]
}
It seems like Version
is not the version of the policy that I am going to create but a set version number by AWS.
As stated by AWS documentation, version can be:
( version_block = "Version" : ("2008-10-17" | "2012-10-17")
So, I changed it to 2012-10-17
and the policy is accepted.
According to https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Version:
“The Version element must appear before the Statement element. The only allowed values are these:
-
2012-10-17
. This is the current version of the policy language, and you should use this version number for all policies. -
2008-10-17
. This was an earlier version of the policy language. You might see this version on existing policies. Do not use this version for any new policies or any existing policies that you are updating.”
You can also generate your own policy using generate policy option that you can find in the bottom of Bucket Policy tab
When you click on this option you will be redirected to below-mentioned URL:
https://awspolicygen.s3.amazonaws.com/policygen.html