AWS connection via Configuring Connections to AWS using IAM Roles (External ID is Case sensitive)

AWS connection via Configuring Connections to AWS using IAM Roles (External ID is Case sensitive)

Description:

This Knowledge base article will advise the customer who has Beacon AWS inventory connection by using configuring Connections to AWS using IAM Roles. The AWS External ID value is case-sensitive. Any incorrect case value could cause the connection unable to extract AWS instance data with "Unable to assume role: arn:aws:iam::xxx:role/ListEC2ForFNMSRole" in the log

 Additional Information:

The case-sensitivity would be applied by AWS as they are the ones who validate the provided ExternalID. FNMS Beacon only provides it if it has been specified and evaluate the outcome if it was successful or not. In the AWS policy, the evaluation of ExternalID is set on the policy... you can see this here: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.htm...

For example 'StringEquals' would be case sensitive, while 'StringLike' or 'StringEqualsIgnoreCase' would allow case insensitive matching.

Labels (3)
Was this article helpful? Yes No
No ratings
Version history
Revision #:
1 of 1
Last update:
‎Apr 12, 2021 02:45 AM
Updated by:
 
Contributors