Skip to main content
AWS: Common integration issues/errors

Running into trouble with your AWS account integration, this article covers the most common issues and how to fix them

Updated yesterday

I received an error mentioning 'Role ARN'

You might see an error that looks something like this:

User-uploaded Image

Why is this happening?

There are two reasons that can commonly cause this issue:

  • Permissions are missing from the Role created in AWS IAM.
    To work properly our cloud connector needs the following:

    • IAMReadOnlyAccess - Used to fetch the "account alias" of the AWS account

    • AmazonEC2ReadOnlyAccess - Used to fetch EC2 Elastic IP addresses

    • AmazonRoute53ReadOnlyAccess - Used to fetch Route 53 hostnames

  • The Role title includes a capital letter and is causing an issue, e.g. Intruder-integration

How can I fix it?

⚠️ Missing Permissions

For the Role lacking permissions it's best to check the permissions you've added, you can do so by first heading portal.aws.amazon.com > click on the search bar at the top of the page:

User-uploaded Image

Search IAM > click the first option:

From the IAM Dashboard > select Roles from the left hand navigation panel:

Click on the appropriate Role's name:

This will then open a page containing the Permissions assigned to that role.

  • A successful integration should look like this:

User-uploaded Image
  • If the role is missing Permissions, it'll look like this:

You can just click on the Add permissions drop down and then Attach policies to add the required options:



⚠️ The Role name has capital letters

To check for this, follow these steps to get to Roles:

Head to portal.aws.amazon.com > click on the search bar at the top of the page:

User-uploaded Image

Search IAM and click on the first option:

From the IAM Dashboard > select Roles from the left hand navigation panel:

You'll then see the Roles page where you can check the naming of the Roles as here:

If that's causing a problem you can just use the blue Create role button to create a new Role with a different name, we recommend using intruder-integration.

Did this answer your question?