Vanta

When integrating AWS, you run into the following error in Vanta when validating the ARN of the role you've created:

Unable to perform STS:AssumeRole. Please follow the linking instructions to create the vanta-auditor role

The Account ID and External ID required for the role were likely entered incorrectly, or MFA was enforced on the role. To correct this, <a href="https://console.aws.amazon.com/iamv2/home#/roles" rel="nofollow noopener noreferrer" target="_blank">navigate to the role you created in AWS IAM</a> and select <b>Trust relationships</b>

These values should match what is provided by Vanta in the role creation step of the AWS linking flow:

- These values should match what is provided by Vanta in the role creation step of the AWS linking flow:

Also, confirm that this trust relationship does not contain the following:

- Also, confirm that this trust relationship does not contain the following:

 "Bool": {<br>"aws:MultiFactorAuthPresent": true<br>}

If this exists in the trust relationship, remove it from the policy or set it to "false" and try to connect Vanta again.

- If this exists in the trust relationship, remove it from the policy or set it to "false" and try to connect Vanta again.

Error: "Unable to perform STS:AssumeRole..." when integrating AWS

Back to Vanta

Live training

Find answers and get help from Intercom Support and Community Experts

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

No tickets created by you

Try using different keywords or checking for typos.

No tickets found containing "{value}"

No tickets found

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Error: "Unable to perform STS:AssumeRole..." when integrating AWS

Problem

Solution