[Solved] The trust policy of the role is:{"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:user/Alice"}, "Action": "sts:AssumeRole"}What is the likely issue? | AWS

AWS - Identity and Access Management

A user cannot assume an IAM role despite having the correct permissions. The trust policy of the role is:

{"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:user/Alice"}, "Action": "sts:AssumeRole"}

What is the likely issue?

AThe trust policy is missing the 'Version' element

BThe Principal ARN is incorrect or incomplete

CThe Action should be 'iam:AssumeRole' instead of 'sts:AssumeRole'

DThe user does not have permission to call AssumeRole

Step-by-Step Solution

Solution:

Step 1: Verify trust policy structure
The trust policy is missing the required 'Version': '2012-10-17' element, making it invalid.
Step 2: Check policy validity
Without Version, the policy fails and the role cannot be assumed.
Final Answer:
The trust policy is missing the 'Version' element -> Option A
Quick Check:
Missing Version in trust policy = A [OK]

Quick Trick: Trust policy Principal must match exact user ARN [OK]

Common Mistakes:

MISTAKES

Master "Identity and Access Management" in AWS

9 interactive learning modes - each teaches the same concept differently

More AWS Quizzes

A user cannot assume an IAM role despite having the correct permissions. The trust policy of the role is: