When using the AWS Organization integration workflow, you might see a warning labeled "ASSUME_ROLE" for certain accounts on the Inventory page, under AWS Organization. This indicates that the AWS child account is missing the required vanta-auditor role.
Procedure
- Navigate to the Integration page
- Under Amazon Web Services, click Manage
- Click Edit
- Follow step 1 to create the AWS policies and roles for each of the affected accounts
  - Policy creation
  - Role creation
- Repeat steps 1 and 2 for every account besides the management/root account
- Once complete, click Next until you reach the Configure scope page
- Click Done
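
To find which child accounts lack the vanta-auditor role before or after working through the steps above, a check along these lines can be run from the management account. It is an added example, not Vanta's own tooling; it assumes the AWS CLI is configured with management-account credentials and that an admin role (here `OrganizationAccountAccessRole`, the AWS Organizations default name, overridable through the hypothetical `ACCESS_ROLE` variable) can be assumed in each member account.

```bash
#!/usr/bin/env bash
# Added example: report member accounts that lack the vanta-auditor role.
# Assumptions: AWS CLI with management-account credentials, and an admin role
# named by ACCESS_ROLE that those credentials can assume in each member account.
ROLE_NAME="vanta-auditor"
ACCESS_ROLE="${ACCESS_ROLE:-OrganizationAccountAccessRole}"

# Print member account IDs, one per line, leaving out the management account.
member_accounts() {
  local mgmt
  mgmt=$(aws organizations describe-organization \
    --query 'Organization.MasterAccountId' --output text) || return 1
  aws organizations list-accounts --query 'Accounts[].Id' --output text |
    tr '\t' '\n' | grep -v "^${mgmt}\$"
}

# Return 0 if the role exists in account $1, 1 if it is missing,
# 2 if the account could not be checked (assume-role or IAM call failed).
has_role() {
  local creds key secret token out
  creds=$(aws sts assume-role \
    --role-arn "arn:aws:iam::$1:role/${ACCESS_ROLE}" \
    --role-session-name vanta-role-check \
    --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' \
    --output text) || return 2
  read -r key secret token <<EOF
$creds
EOF
  # The subshell keeps member-account credentials from leaking into later calls.
  out=$(
    export AWS_ACCESS_KEY_ID="$key" AWS_SECRET_ACCESS_KEY="$secret" AWS_SESSION_TOKEN="$token"
    aws iam get-role --role-name "$ROLE_NAME" --query 'Role.Arn' --output text 2>&1
  ) && return 0
  case $out in *NoSuchEntity*) return 1 ;; *) return 2 ;; esac
}

# Print "MISSING <id>" or "UNCHECKED <id>" per problem account; non-zero if any.
report_missing() {
  local acct rc bad=0
  for acct in $(member_accounts); do
    rc=0; has_role "$acct" || rc=$?
    case $rc in
      1) echo "MISSING $acct"; bad=1 ;;
      2) echo "UNCHECKED $acct"; bad=1 ;;
    esac
  done
  return $bad
}

if [ "${1:-}" = "--run" ]; then report_missing; fi
```

Run it with `--run`; accounts listed as MISSING are the ones that still need the policy and role created, and UNCHECKED means the account could not be inspected with the assumed admin role.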