To solve the malformed policy document error in AWS CLI, make sure you prefix the `--policy-document` parameter with `file://` and correct any syntax errors in your policy.

Solve - Malformed Policy Document Error in AWS CLI


## Solving Malformed Policy Document Error in AWS CLI

There are 2 causes for the "Malformed Policy Document" error in AWS CLI.

The most common reason the "Malformed Policy Document" error occurs in AWS CLI
is because we've forgotten to add the `file://` prefix to the
`--policy-document` parameter.

![without file prefix](/images/blog/aws-cli-malformed-policy-document/without-file-prefix.webp)

**To solve the "Malformed Policy Document" error add the `file://` prefix to the
`--policy-document` parameter when your policy is stored in a file on the local
file system.**

```bash:shell
aws iam put-role-policy --role-name YOUR_ROLE --policy-name YOUR_POLICY --policy-document file://YOUR_FILE.json
```

![with file prefix](/images/blog/aws-cli-malformed-policy-document/with-file-prefix.webp)

<Alert>
  Anytime you pass a file as a <code>--parameter</code> to an AWS CLI command,
  you must add the <code>file://</code> prefix for human-readable files, or the{' '}
  <code>fileb://</code> prefix for binary (non human-readable) files.
</Alert>

<InArticleAd />

In the code snippet we assume that the terminal is located in the same directory
as the `policy.json` file, however if the terminal is in a different directory
we can still point to the file.

For example on `linux` and `macOS` you can use relative and absolute paths as
follows:

```bash:shell
# relative path, navigate to directory
aws iam put-role-policy --role-name YOUR_ROLE --policy-name YOUR_POLICY --policy-document file://./my-folder/policy.json

# absolute path (notice 3 `/` characters in file:/// prefix)
aws iam put-role-policy --role-name YOUR_ROLE --policy-name YOUR_POLICY --policy-document file:///home/john/policy.json
```

On `windows` you can specify a `file://` prefix as follows:

```bash:shell
aws iam put-role-policy --role-name YOUR_ROLE --policy-name YOUR_POLICY --policy-document file://C:\my-folder\policy.json
```

**The other reason the error occurs in AWS CLI is because the policy has
syntactical errors.**

![malformed policy document error](/images/blog/aws-cli-malformed-policy-document/malformed-policy-document-error.webp)

In the example above the policy looks like:

```json:read-s3.json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
          "s3:Get*",
      ],
      "Resource": "*"
    }
  ]
}
```

<InArticleAd />

There is a dangling comma on the `s3:Get*` action line, which caused the error.

To solve the "Malformed Policy Document" error in AWS CLI, run your policy
through a [JSON validator](https://jsonformatter.curiousconcept.com/) and make
sure you correct any syntax or logical errors in your policy.

<InArticleAd />

## Further Reading

- [AWS CDK Tutorial for Beginners - Step-by-Step Guide](/blog/aws-cdk-tutorial-typescript)
- [How does AWS CDK work](/blog/how-does-aws-cdk-work)
- [What is a Token in AWS CDK](/blog/what-is-aws-cdk-token)
- [CDK Constructs - Complete Guide](/blog/cdk-constructs-tutorial)
- [What is an identifier (id) in AWS CDK](/blog/aws-cdk-identifiers)
- [How to use Context in AWS CDK](/blog/how-to-use-context-aws-cdk)
- [How to use Parameters in AWS CDK](/blog/aws-cdk-parameters-example)

<InArticleAd />


Solve - Malformed Policy Document Error in AWS CLI

Solving Malformed Policy Document Error in AWS CLI #

Further Reading #

Borislav Hadzhiev

For more articles, navigate to myHome Page

Solve - Malformed Policy Document Error in AWS CLI

Solving Malformed Policy Document Error in AWS CLI #

Further Reading #

Join my newsletter

Borislav Hadzhiev

For more articles, navigate to myHome Page