Unable to add AWS accounts using cross account role due to missing sts:AssumeRole permission. Results in the following:
SEVERE: ThID:105|TID:0|TNAME:Primary|UID:1|UNAME:MasterAdmin|Unable to add AWS account with error AWS sync exception, RequestRegion=ap-south-1, Credentials=INSTANCE_ROLE Error: AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure; Request ID: 2bec52d1-e3cf-43f4-836d-e7b347d72724)
Feb 06, 2018 3:18:07 AM com.trendmicro.ds.platform.rest.ext.AllExceptionMapper toResponse
SEVERE: ThID:105|TID:0|TNAME:Primary|UID:1|UNAME:MasterAdmin|REST API method at /cloudaccounts/aws encountered error
AWS sync exception, RequestRegion=ap-south-1, Credentials=INSTANCE_ROLE Error: com.amazonaws.services.ec2.model.AmazonEC2Exception: AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure; Request ID: 2bec52d1-e3cf-43f4-836d-e7b347d72724)
Feb 06, 2018 3:36:43 AM com.thirdbrigade.manager.webclient.screens.CloudProviderAmazonWizardBean testAWSAccountCredentials
SEVERE: ThID:109|TID:0|TNAME:Primary|UID:1|UNAME:MasterAdmin|Error adding aws account:
com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException: User: arn:aws:sts:::assumed-role/trend-DSMNode1-5NO7EQAZRFKO-DSMRole-16IV47LCXEUGK/i-071675f1a2ca4 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam:::role/Trend (Service: AWSSecurityTokenService; Status Code: 403; Error Code: AccessDenied; Request ID: f25d3990-0aee-11e8-89a1-47a99feb393f)
Feb 06, 2018 4:21:22 AM com.thirdbrigade.manager.webclient.screens.CloudProviderAmazonWizardBean$AWSImportThread run
SEVERE: ThID:172|TID:0|TNAME:Primary|UID:1|UNAME:MasterAdmin|Error unable to add aws account :
AWS sync exception, RequestRegion=ap-south-1, Credentials=INSTANCE_ROLE Error: com.amazonaws.services.ec2.model.AmazonEC2Exception: AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure; Request ID: d9bf88d8-dc9e-4356-9681-833e6e892dec)
Resolved by #20 but not merged.