Why is it looking for a Static policy definition? What's wrong with my definition of the TemplateLinked policy?
Terraform will perform the following actions:
  # aws_cloudformation_stack.policies will be created
  + resource "aws_cloudformation_stack" "policies" {
      + id = (known after apply)
      + name = "policies"
      + outputs = (known after apply)
      + parameters = (known after apply)
      + policy_body = (known after apply)
      + tags_all = {
          + "Application" = "authorization"
          + "Client" = "client"
          + "DataClassification" = "NoData"
          + "Env" = "env"
          + "EnvModifier" = "none"
          + "Owner" = "owner"
          + "Product" = "product"
          + "Schedule" = "False"
          + "TaggingStandardVersion" = "3"
        }
      + template_body = jsonencode(
            {
              + Resources = {
                  + PolicyStore = {
                      + Properties = {
                          + ValidationSettings = {
                              + Mode = "OFF"
                            }
                        }
                      + Type = "AWS::VerifiedPermissions::PolicyStore"
                    }
                  + PolicyTemplate = {
                      + Properties = {
                          + Description = "Description"
                          + PolicyStoreId = {
                              + Ref = "PolicyStore"
                            }
                          + Statement = <<-EOT
                                permit (
                                    principal == ?principal,
                                    action == ::Action::"view",
                                    resource == ?resource
                                );
                            EOT
                        }
                      + Type = "AWS::VerifiedPermissions::PolicyTemplate"
                    }
                  + ParameterPolicyStoreId = {
                      + Properties = {
                          + Description = "Description"
                          + Name = "PolicyStoreId"
                          + Type = "String"
                          + Value = {
                              + Ref = "PolicyStore"
                            }
                        }
                      + Type = "AWS::SSM::Parameter"
                    }
                  + ParameterPolicyTemplateId = {
                      + Properties = {
                          + Description = "Description"
                          + Name = "PolicyTemplateId"
                          + Type = "String"
                          + Value = {
                              + Ref = "PolicyTemplate"
                            }
                        }
                      + Type = "AWS::SSM::Parameter"
                    }
                  + policy1 = {
                      + Properties = {
                          + Definition = {
                              + TemplateLinked = {
                                  + PolicyTemplateId = {
                                      + Ref = "PolicyTemplate"
                                    }
                                }
                            }
                          + PolicyStoreId = {
                              + Ref = "PolicyStore"
                            }
                        }
                      + Type = "AWS::VerifiedPermissions::Policy"
                    }
                }
            }
        )
    }
│ Error: waiting for CloudFormation Stack (arn:aws:cloudformation:ap-southeast-2:085913628776:stack/policies/5d60c3f0-edaa-11ee-967b-0a87241f8919) create: failed to create CloudFormation stack, rollback requested (ROLLBACK_COMPLETE): ["The following resource(s) failed to create: [ParameterPolicyTemplateId, policy1]. Rollback requested by user." "Resource creation cancelled" "Properties validation failed for resource policy1 with message:\n#/Definition: #: 0 subschemas matched instead of one\n#/Definition: required key [Static] not found\n#/Definition: extraneous key [TemplateLinked] is not permitted\n#/Definition/TemplateLinked/PolicyTemplateId: failed validation constraint for keyword [pattern]"]
│
│   with aws_cloudformation_stack.amt_policies,
│   on policies.tf line 43, in resource "aws_cloudformation_stack" "policies":
│   43: resource "aws_cloudformation_stack" "policies" {
│
╵
Error: The command exited with status 1
user command error: exit status 1
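Added example, not part of the original post and not AWS code: a small Python model of a "exactly one of Static / TemplateLinked" check on `Definition`, showing how a single bad `PolicyTemplateId` yields all four messages in the error above, including the one about `Static`. Assumptions: the ID pattern, the constructed sample IDs, and that the value reaching `PolicyTemplateId` after `Ref` is resolved is a composite `store|template` string.

```python
import re

# Assumed constraint on TemplateLinked.PolicyTemplateId (not shown on the page).
ID_PATTERN = re.compile(r"[a-zA-Z0-9-]*")


def branch_errors(defn, key):
    """Errors for the branch that allows only `key` at the top of Definition."""
    errors = []
    if key not in defn:
        errors.append(f"required key [{key}] not found")
    errors += [f"extraneous key [{k}] is not permitted" for k in defn if k != key]
    return errors


def check_template_linked(defn):
    """TemplateLinked branch: key rules plus the ID pattern on PolicyTemplateId."""
    errors = branch_errors(defn, "TemplateLinked")
    if "TemplateLinked" in defn:
        template_id = defn["TemplateLinked"].get("PolicyTemplateId", "")
        if not ID_PATTERN.fullmatch(template_id):
            errors.append("/TemplateLinked/PolicyTemplateId: failed validation "
                          "constraint for keyword [pattern]")
    return errors


def validate_definition(defn):
    """Exactly one branch must pass; otherwise every branch's errors are reported."""
    branches = [branch_errors(defn, "Static"), check_template_linked(defn)]
    matched = sum(1 for errs in branches if not errs)
    if matched == 1:
        return []
    report = [f"{matched} subschemas matched instead of one"]
    for errs in branches:
        report.extend(errs)
    return report


# Constructed sample values (not real IDs).
BARE_ID = "PTEXAMPLEabcdefg111111"
COMPOSITE = "PSEXAMPLEabcdefg111111|PTEXAMPLEabcdefg111111"  # assumed Ref result

ok = validate_definition({"TemplateLinked": {"PolicyTemplateId": BARE_ID}})
bad = validate_definition({"TemplateLinked": {"PolicyTemplateId": COMPOSITE}})

if __name__ == "__main__":
    print("bare id:", ok)
    for line in bad:
        print("composite:", line)
```

In this model the `Static` messages are a side effect: once the `TemplateLinked` branch fails on the pattern, no branch matches and the validator lists why each one was rejected. If the composite-value assumption holds, passing only the template's own ID attribute instead of the `Ref` result satisfies the `TemplateLinked` branch.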