Update AWS Role External ID (optional)
If you have previously created an AWS role, you will only need to update the old External ID to the new FortiCASB generated 32-bit External ID token without creating a new AWS role.
Follow the steps below to update the External ID:
- Log into your AWS account portal using your Administrator User.
- Search and click on IAM (Manage Access to AWS resources) from the AWS portal page.
- Click on Roles, search and click on the AWS Role you created for adding the AWS S3 account to FortiCASB.
- Click Trust Relationships tab and click on Edit trust relationship.
- Replace the External ID value in the line "sts:ExternalId" with the FortiCASB generated 32-bit External ID.
- Click Update Trust Policy to finish updating the External ID.