
AWS policy generation facing syntax error?

If I add this policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
        "Effect": "Allow",
        "Principal": {
            "AWS": "arn:aws:iam::xxxxxxxxxxxx:user/stikbook-dev"
        },
        "Action": "sts:AssumeRole"
    }
    ]
}

I'm facing this error

[Ln 4, Col 8 Missing Resource: Add a Resource or NotResource element to the policy statement. Learn more
Ln 6, Col 21 Unsupported Principal: The policy type IDENTITY_POLICY does not support the Principal element. Remove the Principal element. Learn more]

What resource do I want to add? And what about "unsupported policy"?

Cyril I asked Nov 15 '25 12:11


1 Answer

You are generating a trust policy. But it seems that what you want is to create a user managed or inline policy. They have a different purpose than a trust policy. I guess your policy should look like the following:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "sts:AssumeRole",
            "Resource": "*"
        }
    ]
}

where * can be replaced by the specific ARN of the IAM role to be assumed.

Marcin answered Nov 18 '25 06:11
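
An added example (not part of the original answer, and not AWS's own validator): a small Python check that reproduces the two findings from the question by reading the same document first as an identity policy and then as a trust policy, and that builds both documents with the wildcard replaced by a role ARN. The helper names, the "Missing Principal" and "Unsupported Resource" labels, and any role ARN passed in are assumptions made for illustration.

```python
# Constructed sample: the document from the question (account ID masked as on the page).
QUESTION_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::xxxxxxxxxxxx:user/stikbook-dev"},
        "Action": "sts:AssumeRole",
    }],
}

def statements(doc):
    """Statement may be one object or a list; normalise to a list."""
    stmts = doc.get("Statement", [])
    return [stmts] if isinstance(stmts, dict) else list(stmts)

def lint(doc, policy_type):
    """Return (statement index, finding) pairs for 'identity' or 'trust'."""
    if policy_type not in ("identity", "trust"):
        raise ValueError("policy_type must be 'identity' or 'trust'")
    findings = []
    for i, st in enumerate(statements(doc)):
        has_principal = "Principal" in st or "NotPrincipal" in st
        has_resource = "Resource" in st or "NotResource" in st
        if policy_type == "identity":
            # Attached to a user/group/role: the principal is implied by the attachment.
            if has_principal:
                findings.append((i, "Unsupported Principal"))
            if not has_resource:
                findings.append((i, "Missing Resource"))
        else:
            # Attached to the role itself: names who may assume it, has no Resource.
            if not has_principal:
                findings.append((i, "Missing Principal"))      # label is an assumption
            if has_resource:
                findings.append((i, "Unsupported Resource"))   # label is an assumption
    return findings

def split_for_assume_role(user_arn, role_arn):
    """Trust policy for the role, and identity policy for the user scoped to that role."""
    trust = {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"AWS": user_arn}, "Action": "sts:AssumeRole"}]}
    identity = {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "sts:AssumeRole", "Resource": role_arn}]}
    return trust, identity

if __name__ == "__main__":
    print(lint(QUESTION_POLICY, "identity"))  # the two findings from the question
    print(lint(QUESTION_POLICY, "trust"))     # clean when treated as a trust policy
```

Scoping the identity policy's Resource to one role ARN instead of * limits the user to assuming that role only.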


