Amazon web services 策略中的语法错误。（服务：AmazonIdentityManagement；状态代码：400；错误代码：格式错误的策略文档：CloudFormation_Amazon Web Services_Templates_Amazon Cloudformation

Amazon web services 策略中的语法错误。（服务：AmazonIdentityManagement；状态代码：400；错误代码：格式错误的策略文档：CloudFormation

amazon-web-services templates amazon-cloudformation

Amazon web services 策略中的语法错误。（服务：AmazonIdentityManagement；状态代码：400；错误代码：格式错误的策略文档：CloudFormation,amazon-web-services,templates,amazon-cloudformation,Amazon Web Services,Templates,Amazon Cloudformation,当我尝试创建IAM策略时，在cloudformation中部署模板时出现以下错误： JenkinsInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Path: "/" Roles: - Ref: "JenkinsRole" JenkinsPolicy: Type: AWS::IAM::Policy Properties:

当我尝试创建IAM策略时，在cloudformation中部署模板时出现以下错误：

JenkinsInstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Path: "/"
      Roles:
        - 
          Ref: "JenkinsRole"
  JenkinsPolicy:
   Type: AWS::IAM::Policy
   Properties:
      PolicyName: "JenkinsPolicy"
      PolicyDocument: 
        Version: "2020-01-29"
        Statement:
          - 
           Effect: "Allow"
           Action: 
             - "s3:GetObject"
             - "s3:GetObjectVersion"
             - "s3:PutObject"
             - "s3:DeleteObject"
           Resource: "*"
          - 
           Effect: "Allow"
           Action: 
             - "codedeploy:ListApplications"
             - "codedeploy:ListDeploymentGroups"
             - "codedeploy:RegisterApplicationRevision"
             - "codedeploy:CreateDeployment"
             - "codedeploy:GetDeploymentConfig"
             - "codedeploy:GetApplicationRevision"
             - "codedeploy:GetDeployment"
           Resource: "*" 
      Roles: 
        - Ref: "JenkinsRole"

有人能帮我一下吗，这将是非常有用的，我看不到代码中列出了你的IAM角色。此外，你的标签有问题。我不知道这是否仅仅是因为你的复制/粘贴，或者你是否真的在CFN模板中有这样的标签。但是JenkinsPolicy是标签，看起来像Jenkinst的孩子个人资料

值得注意的是，我在AWS文档中没有看到您列出的政策文档的版本。它们只有“2012-10-17”和“2008-10-17”作为选项

下面的内容有望解决您的问题。另外，您不需要两个政策文件，所以我将它们放在一个文件中

JenkinsRole:
  Type: "AWS::IAM::Role"
  Properties:
    AssumeRolePolicyDocument:
      Version: "2012-10-17"
      Statement:
        -
          Effect: "Allow"
          Principal:
            Service:
              - "ec2.amazonaws.com"
          Action:
            - "sts:AssumeRole"
    Path: "/"
    RoleName: "JenkinsInstanceRole"
JenkinsInstanceProfile:
  Type: "AWS::IAM::InstanceProfile"
  Properties:
    Roles:
      - !Ref "JenkinsRole"
JenkinsPolicy:
   Type: AWS::IAM::Policy
   Properties:
      PolicyName: "JenkinsPolicy"
      PolicyDocument: 
        Version: "2012-10-17"
        Statement:
          -  Effect: "Allow"
             Action: 
               - "s3:GetObject"
               - "s3:GetObjectVersion"
               - "s3:PutObject"
               - "s3:DeleteObject"
               - "codedeploy:ListApplications"
               - "codedeploy:ListDeploymentGroups"
               - "codedeploy:RegisterApplicationRevision"
               - "codedeploy:CreateDeployment"
               - "codedeploy:GetDeploymentConfig"
               - "codedeploy:GetApplicationRevision"
               - "codedeploy:GetDeployment"
             Resource: "*" 
      Roles: !Ref "JenkinsRole"