How to fix "ASSUME_ROLE" warning from AWS Organization

Tri Nguyen

When using the AWS Organization integration workflow, you might see a warning labeled "ASSUME_ROLE" for certain accounts in the Inventory page -> AWS Organization. This indicates that your AWS child account is missing the required vanta-auditor role.


Procedure

  • Navigate to the Integration page
  • Under Amazon Web Services, click Manage
  • Click Edit
  • Follow step 1 to create the AWS policies and roles for each of the affected accounts
    • Policy creation
    • Role creation
    • Repeat steps 1 and 2 for every account besides the management/root account
  • Once complete, click Next until you reach the Configure scope page
  • Click Done