ARN user is not authorized to perform: sts:AssumeRole on resource

Dear Expert,

I am encountering the following error while attempting to run the agent install script from the console:

2024-05-09_15:53:40.07413 '[2024-05-09 15:53:40,073] [appJobLow-13] ERROR c.m.c.AmazonComputeUtility - Error acquiring Credentials User: arn:aws:iam::xx072xxxx:user/morpheusdata_awscloudmanagement is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::xx2072xxxx:user/morpheusdata_awscloudmanagement (Service: AWSSecurityTokenService; Status Code: 403; Error Code: AccessDenied; Request ID: 2b9f0978-159a-4590-974e-4xxxxx; Proxy: null)

Despite assigning administrator permissions to the IAM user, the error persists.

Morpheus Version: 7.0.1

Attached is an image for reference.

Doubt: Does an external ID is mandatory here?

Thank you for your assistance.

Best regards, Pavan

I believe you need to pass the Role ARN instead of the User ARN in the “Role ARN” field on the cloud settings.

Dear Deepti,

Thank you for the excellent suggestion provided earlier. The previous error has been successfully resolved.

However, I am encountering a new error message:

2024-05-09_17:05:03.35459 ''[2024-05-09 17:05:03,354] [] WARN  o.a.h.c.p.ResponseProcessCookies - Invalid cookie header: "Set-Cookie: AWSALBAPP-3=_remove_; Expires=Thu, 16 May 2024 17:05:03 GMT; Path=/". Invalid 'expires' attribute:Thu, 16 May 2024 17:05:03 GMT
2024-05-09_17:05:03.35496 ''[2024-05-09 17:05:12,524] [appJobNormal-11] INFO  c.m.o.LinuxOsService - Successfully Determined Route opts: null
2024-05-09_17:05:12.52475 ''[2024-05-09 17:05:12,524] [appJobNormal-11] INFO  c.m.o.LinuxOsService - Performing Reachability Test
2024-05-09_17:05:12.52489 ''[2024-05-09 17:05:12,682] [appJobNormal-11] ERROR c.m.RpcService - rpc error to: null - host must not be null.
2024-05-09_17:05:12.68262 'com.jcraft.jsch.JSchException: host must not be null.

Could you please confirm if you are aware of this issue?

Your assistance in resolving this matter would be greatly appreciated.

Thank you once again.

Best regards,


Hi Pavan,

It’s difficult to analyse the error with such limited information. I would suggest you raise a case with Morpheus support and we will investigate it.


I would double check the os type on the image is set properly in Morpheus under virtual images. Can you edit the image and share a screenshot of the image settings? Also, edit the Linux VM that failed and share a screenshot of the host as well.

Hi Deepti,

Sorry for the late response.

Attached are the configurations for both the Linux VM and the virtual image.

Please find the detailed logs below:
Generated by “install agent” action

	05/13/2024 05:52:29 PM	[appliance] 	[appJobNormal-4] host not reachable:
	05/13/2024 05:52:29 PM	[appliance] 	[appJobNormal-4] reach test result: {success=false}
	05/13/2024 05:52:29 PM	[appliance] 	[appJobNormal-4] executeComputeServerCommand error: com.jcraft.jsch.JSchException: host must not be null.
	05/13/2024 05:52:29 PM	[appliance] 	[appJobNormal-4] rpc error to: null - host must not be null. com.jcraft.jsch.JSchException: host must not be null. at com.jcraft.jsch.JSch.getSession( at com.jcraft.jsch.JSch$getSession$ Source) at com.morpheus.RpcService.executeSudoCommand(RpcService.groovy:55) [3 skipped] at com.morpheus.RpcService.executeSudoCommand(RpcService.groovy) at com.morpheus.RpcService$ Source) at com.morpheus.provision.AbstractBoxProvisionService.executeComputeServerCommand(AbstractBoxProvisionService.groovy:2332) [2 skipped] at com.morpheus.provision.AbstractBoxProvisionService$executeComputeServerCommand$ Source) at com.morpheus.os.LinuxOsService.installLinuxVmAgent(LinuxOsService.groovy:71) [3 skipped] at com.morpheus.os.LinuxOsService$ Source) at com.morpheus.provision.AbstractBoxProvisionService.installVmAgent(AbstractBoxProvisionService.groovy:728) [3 skipped] at com.morpheus.provision.AbstractBoxProvisionService$installVmAgent$1.callCurrent(Unknown Source) at com.morpheus.provision.AbstractBoxProvisionService.upgradeVmAgent(AbstractBoxProvisionService.groovy:823) [3 skipped] at com.morpheus.provision.AbstractBoxProvisionService$upgradeVmAgent$0.callCurrent(Unknown Source) at com.morpheus.provision.AbstractBoxProvisionService.upgradeAgent(AbstractBoxProvisionService.groovy:812) [3 skipped] at com.morpheus.provision.AbstractBoxProvisionService$ Source) at com.morpheus.AbstractComputeService.upgradeAgent(AbstractComputeService.groovy:804) [3 skipped] at com.morpheus.AbstractComputeService$ Source) at com.morpheus.ComputeService.onServerUpgrade(ComputeService.groovy:380) [3 skipped] at com.morpheus.ComputeService$onServerUpgrade$ Source) at com.morpheus.ApplianceJobService.executeApplianceJob(ApplianceJobService.groovy:1264) [3 skipped] at jdk.internal.reflect.GeneratedMethodAccessor1361.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at com.morpheus.ApplianceJobService$_onApplianceJob_closure2.doCall(ApplianceJobService.groovy:297) [6 skipped] at com.morpheus.ApplianceJobService$_onApplianceJob_closure2.doCall(ApplianceJobService.groovy) at jdk.internal.reflect.GeneratedMethodAccessor1343.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at com.morpheus.ApplianceJobService$_onApplianceJob_closure3.doCall(ApplianceJobService.groovy:364) [7 skipped] at jdk.internal.reflect.GeneratedMethodAccessor1342.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at com.morpheus.util.BoundedExecutor$ [7 skipped] [3 skipped]

Virtual image

VM edit

Screenshot (2701)

Let me know if you need any further details.


Hi Pavan,

It looks like it’s not setting the RPC mode on the host. Can you please raise a case for this so we can investigate?


Sure, here’s the corrected version of the email:

Hi Deepti,

Sorry for the late response.

The issue has been resolved. The agent was not able to recognize the Morpheus appliance because of the Cloudflare proxy. I whitelisted the agent’s IP in Cloudflare, and now everything works fine.

Thank you for your help.


1 Like