I received an error mentioning 'Role ARN'
You might see an error that looks something like this:
Why is this happening?
There are two reasons that can commonly cause this issue:
- Permissions are missing from the Role created in AWS IAM. To work properly, our cloud connector needs the following:
  - IAMReadOnlyAccess: used to fetch the "account alias" of the AWS account
  - AmazonEC2ReadOnlyAccess: used to fetch EC2 Elastic IP addresses
  - AmazonRoute53ReadOnlyAccess: used to fetch Route 53 hostnames
- The Role title includes a capital letter and is causing an issue, e.g. Intruder-integration
How can I fix it?
⚠️ Missing Permissions
If the Role is lacking permissions, it's best to check the permissions you've added. To do so, first head to portal.aws.amazon.com > click on the search bar at the top of the page:
Search IAM > click the first option:
From the IAM Dashboard > select Roles from the left hand navigation panel:
Click on the appropriate Role's name:
This will then open a page containing the Permissions assigned to that role.
A successful integration should look like this:
If the role is missing Permissions, it'll look like this:
You can just click on the Add permissions drop down and then Attach policies to add the required options:
⚠️ The Role name has capital letters
To check for this, follow these steps to get to Roles:
Head to portal.aws.amazon.com
> click on the search bar at the top of the page:
Search IAM and click on the first option:
From the IAM Dashboard > select Roles from the left hand navigation panel:
You'll then see the Roles page where you can check the naming of the Roles as here:
If that's causing a problem, you can just use the blue Create role button to create a new Role with a different name. We recommend using intruder-integration.
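Both checks above can also be run against AWS CLI output instead of the console. The following is an added example, not Intruder's own code: it assumes you pass it the Role ARN and the JSON printed by `aws iam list-attached-role-policies --role-name <role name>`; the function name `check_role` and the sample account ID and data are constructed for illustration.

```python
import json
import re

# The three AWS managed policies the page lists as required.
REQUIRED_POLICIES = {
    "IAMReadOnlyAccess",
    "AmazonEC2ReadOnlyAccess",
    "AmazonRoute53ReadOnlyAccess",
}

# arn:<partition>:iam::<12-digit account>:role/[optional/path/]<role name>
ROLE_ARN_RE = re.compile(
    r"^arn:aws[\w-]*:iam::\d{12}:role/(?:[\w+=,.@/-]*/)?([\w+=,.@-]+)$"
)

# Constructed sample data (not from the page): a role that has both problems.
SAMPLE_ROLE_ARN = "arn:aws:iam::123456789012:role/Intruder-integration"
SAMPLE_ATTACHED = json.dumps({"AttachedPolicies": [
    {"PolicyName": "IAMReadOnlyAccess",
     "PolicyArn": "arn:aws:iam::aws:policy/IAMReadOnlyAccess"},
    {"PolicyName": "AmazonEC2ReadOnlyAccess",
     "PolicyArn": "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"},
]})


def check_role(role_arn, attached_policies_json):
    """Return a list of problems; an empty list means both checks pass."""
    match = ROLE_ARN_RE.match(role_arn)
    if not match:
        return [f"not an IAM role ARN: {role_arn}"]
    role_name = match.group(1)
    problems = []
    if any(ch.isupper() for ch in role_name):
        problems.append(f"role name '{role_name}' contains a capital letter")
    attached = {p["PolicyName"]
                for p in json.loads(attached_policies_json)["AttachedPolicies"]}
    # Only attached managed policies are compared by name; inline policies
    # are not visible in this output.
    for policy in sorted(REQUIRED_POLICIES - attached):
        problems.append(f"missing policy: {policy}")
    return problems


if __name__ == "__main__":
    for problem in check_role(SAMPLE_ROLE_ARN, SAMPLE_ATTACHED):
        print(problem)
```

An empty result means the Role name is all lower case and all three read-only policies are attached.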