REMOVE ROLE
delete policy before delete role
aws iam list-roles
aws iam list-role-policies --role-name api-executor
aws iam delete-role-policy --role-name api-executor -policy-name "log-writer"
aws iam delete-role --role-name pizza-api-executor
ADD ROLE POLICY
aws iam put-role-policy \
--role-name pizza-api-executor \
--policy-name PizzaApiDynamoDB \
--policy-document file://./roles/dynamodb.json
You need to provide a path to dynamodb.json with the file:// prefix. If you are providing an absolute path, keep in mind that you will have three slashes after file:. The first two are for file://, and the third one is from the absolute path, because it starts with a slash.