resource "aws_iam_role" "SSMServiceRole-tf" { name = "SSMServiceRole-tf" assume_role_policy = <<EOF { "Version": "2012-10-17", "Statement": { "Effect": "Allow", "Principal": {"Service": "ssm.amazonaws.com"}, "Action": "sts:AssumeRole" } } EOF } resource "aws_iam_role_policy_attachment" "role_attach" { role = "${aws_iam_role.SSMServiceRole-tf.name}" policy_arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore" } resource "aws_ssm_activation" "activation" { name = "${var.Instance_name}" description = "session_manager_${var.Instance_name}" iam_role = "${aws_iam_role.SSMServiceRole-tf.id}" registration_limit = "1" depends_on = ["aws_iam_role_policy_attachment.role_attach"] } ----