We have tried AWS account integration with Morpheus using ROLE ARN and getting error “testConnection to amazon: You are not authorized to perform this operation.”
Account A: (Customer AWS account where resources will be provisioned)
Role: Created role (attaching a policy for access to all the key resources) with trust relationship having an external ID.
Account B: (AWS account where morpheus appliance is running)
Role: Created role (attaching a policy with Action: AssumeRole and Resource: ARNrole from accountA). Attached this IAM Role to the morpheus appliance running in Account B itself.
Please suggest whether anything is being missed or share a documentation steps to achieve account integration using ROLE ARN.