Unable to assume role: forbiddenReference: ea725b8f-3578-4c6b-ae8c-f9566e955cc8 in AWS

book

Article ID: 184528

calendar_today

Updated On:

Products

CASB Security Standard CASB Security Premium CASB Security Advanced CASB Audit CASB Gateway CASB Gateway Advanced Data Loss Prevention Cloud Package

Issue/Introduction

While trying to define a CloudSOC specific role in AWS you receive an error.

Unable to assume role: forbiddenReference: ea725b8f-3578-4c6b-ae8c-f9566e955cc8

Cause

Incorrect role name when defining the role.

Environment

CloudSOC

CASB

Amazon Web Service Securlet

Resolution

While defining the specific role it is required to use the following role name:

elastica-cloudtrail-role

Please review the AWS Securlet technote for instructions on properly configuring a role within AWS.  The previously mentioned name can be found in the section titled, "Define the CloudSOC-specific role on your AWS account."