Error: Datadog is not authorized to peform sts:AssumeRole

This error usually indicates an issue with the trust policy associated with the DatadogAWSIntegrationRole. Most of the times, this issue is caused by the role delegation process (steps 2. through 7. of http://docs.datadoghq.com/integrations/aws/#installation). 

Please check the following points for the AWS account mentioned in the error.

  1. Are you using the exact IAM role name you created in AWS in the Datadog AWS integration? Extra spaces/characters on the AWS side or the Datadog side will make the role delegation fail.
  2. Did you enter Datadog's account ID 464622532012? Some customers used their own AWS account ID in the past which causes the integration to fail.
  3. Have you required MFA? Our integration cannot work in that case.
  4. Try regenerating the AWS External ID and re-entering it in the AWS trust policy. Ensure you press update configuration when doing this step:

Screen_Shot_2018-03-21_at_5.52.05_PM.png

Example of trust policy in AWS:

If that doesn't solve the issue, please try going through the integration steps again focusing on steps 2-7 of http://docs.datadoghq.com/integrations/aws/#installation.

If you're still running into this error please contact support with a screenshot or attachment of your policy to troubleshoot further.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.