Hi @FlukeStarbucker,
I think I have edited that part to check first things first.
Here is the article on trust policies:
Trust policy – The trust policy defines which principals can assume the role, and under which conditions. A trust policy is a specific type of resource-based policy for IAM roles. The trust policy is the focus of the rest of this blog post.
To view or update the Trust Relationships of an IAM role in AWS, follow these steps:
1. Navigate to the IAM Console
2. Find the Role:
Search for the role name (in your case, ec2-dbricks) in the search bar.
3. Open the Role:
Click on the role name (ec2-dbricks) from the list to open its details.
4. Edit the Trust Relationships:
Click on the Trust relationships tab at the top.
You will see a section called Trust policy. This policy defines which entities (principals) are allowed to assume this role.
Click on the Edit trust relationship button to modify the trust policy.
5. Add or Update the Trust Relationship:
Modify the trust policy JSON to include the desired Principal entity that should be allowed to assume the role. Based on your earlier example, it should look like this:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::5249XXXXXXXX:role/databricks-workspace-stack-XXXf3-role"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
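
An edited trust policy can be checked offline, before it is saved, to see exactly which principals it lets assume the role. The following is an added example, not part of the original reply and not AWS or Databricks tooling; the function names `trusted_principals` and `review` are hypothetical, and the second sample policy is constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# Trust policy from the reply above (account and stack IDs masked as posted).
PAGE_POLICY = '''{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Principal": {"AWS": "arn:aws:iam::5249XXXXXXXX:role/databricks-workspace-stack-XXXf3-role"},
  "Action": "sts:AssumeRole"}]}'''
# Constructed sample: single-object Statement, wildcard and account-wide principals.
LOOSE_POLICY = '''{"Version": "2012-10-17", "Statement": {"Effect": "Allow",
  "Principal": {"AWS": ["*", "arn:aws:iam::111122223333:root"]},
  "Action": ["sts:AssumeRole"]}}'''

def _as_list(value):
    """IAM accepts either a single value or a list in these fields."""
    return value if isinstance(value, list) else [value]

def trusted_principals(policy_json):
    """Return (kind, principal, has_condition) for every principal that an
    Allow statement lets call sts:AssumeRole. Deny and NotPrincipal are ignored."""
    found = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        # Action names are case-insensitive and may contain * or ? wildcards.
        actions = [str(a).lower() for a in _as_list(stmt.get("Action", []))]
        if not any(fnmatchcase("sts:assumerole", a) for a in actions):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # bare wildcard form
            principal = {"*": ["*"]}
        for kind, values in principal.items():
            for value in _as_list(values):
                found.append((kind, str(value), bool(stmt.get("Condition"))))
    return found

def review(policy_json):
    """List entries that trust more than one specific role, user or service."""
    findings = []
    for kind, value, has_condition in trusted_principals(policy_json):
        if value == "*" and not has_condition:
            findings.append(f"{kind}: any principal may assume the role")
        elif kind == "AWS" and (value.endswith(":root") or value.isdigit()):
            findings.append(f"{kind}: whole account {value} is trusted")
    return findings

if __name__ == "__main__":
    for name, doc in (("page", PAGE_POLICY), ("loose", LOOSE_POLICY)):
        print(name, trusted_principals(doc), review(doc))
```
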