Review this IAM role update

resource "aws_iam_role" "scheduler" {
  name = "job-scheduler-role"

  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect = "Allow"
      Principal = {
        Service = "ec2.amazonaws.com"
      }
      Action = "sts:AssumeRole"
    }]
  })
}

resource "aws_iam_role_policy" "scheduler" {
  name = "scheduler-policy"
  role = aws_iam_role.scheduler.id

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect   = "Allow"
      Action   = ["iam:PassRole"]
      Resource = "*"
    }]
  })
}

resource "aws_iam_instance_profile" "scheduler" {
  name = "job-scheduler-profile"
  role = aws_iam_role.scheduler.name
}