Integrate ServiceNow Voice with Amazon Connect - Cannot perform the operation on the protected role

Waqiah · Wednesday

Hello team,

When following the steps outlined here, the CloudFormation template provided by ServiceNow seems to be trying to create or modify the Amazon Connect service-linked role which is causing the deployment to fail.

In the stack events, the IAM managed policy fails to create due to the Service-linked role not being able to be modified, error:

AWS::IAM::ManagedPolicy resource failed to create - "Cannot perform the operation on the protected role 'AWSServiceRoleForAmazonConnect_abcd' - this role is only modifiable by AWS"

The AWSServiceRoleForAmazonConnect_abcd SLR has also been automatically created. How can we resolve this issue to successfully integrate ServiceNow Voice with Amazon Connect.

mugi-san · Wednesday

HI, @Waqiah .

As far as I know, if you check the ManagedPolicy error and see that an EntityAlreadyExistsException is output, it seems that the error occurred because you tried to create an IAM that already exists. You will need to delete the existing IAM and create it again.