Error while performing AWS Discovery. Pattern "Amazon AWS Datacenter discovery" getting failed

Shantanu1
Tera Guru

We have set up AWS Discovery using the Management account and are able to pull the child accounts. However, while running the cloud schedule, I am getting the below error. Please assist.

 


Ram Devanathan1
ServiceNow Employee

What are your MID Server logs indicating? Any errors from there? Please share.

Also, what are the permissions you are using? Have you granted sts:AssumeRole permission in the instance profile for the MID?

Ram

Thanks for your response, Ram. We are using an on-prem MID Server and have Credentials linked to the Management account; sub-accounts are getting pulled successfully. Not sure we need to add sts:AssumeRole permission in the instance profile on the MID, as I guess that is used while using an EC2 instance as a MID. Correct me if I am wrong.

We have configured the discovery using the doc, using Option 1:

AWS Management Account Discovery, Cross Account Discovery, and Instance Profile - Support and Troubl...

Hello - OK, noted. In any case the master needs to have sts:assumerole permissions at the minimum, along with other read-only roles required for discovery.

If all that is provided, then please take a look at the MID logs and share any errors you find there.

This should work. If it doesn't, I need more detail to guide you.

 

Ram
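Added example, not part of any reply in this thread: a cross-account sts:AssumeRole call succeeds only if the caller's identity policy allows the action on the target role and the target role's trust policy trusts the calling account, so both documents are worth checking offline. The account IDs, the role name ExampleDiscoveryRole and both policy documents below are constructed placeholders, and the check ignores Condition blocks, SCPs and permission boundaries.

```python
import fnmatch

# Constructed sample data: account IDs and role name are placeholders, not from the thread.
MGMT_ACCOUNT = "111111111111"
MEMBER_ROLE_ARN = "arn:aws:iam::222222222222:role/ExampleDiscoveryRole"
# Identity policy on the management-account principal whose credentials the MID Server uses.
IDENTITY_POLICY = {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                                  "Resource": "arn:aws:iam::*:role/ExampleDiscoveryRole"}]}
# Trust policy on the discovery role in the member account.
TRUST_POLICY = {"Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                               "Principal": {"AWS": "arn:aws:iam::111111111111:root"}}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _action_ok(stmt, action):
    # IAM action names are case-insensitive and may contain * wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), a.lower()) for a in _as_list(stmt.get("Action", [])))

def _effect(statements):
    """Explicit Deny wins; otherwise at least one matching Allow is required."""
    effects = {s.get("Effect") for s in statements}
    return "Deny" not in effects and "Allow" in effects

def identity_allows(policy, action, resource):
    hits = [s for s in _as_list(policy.get("Statement", [])) if _action_ok(s, action)
            and any(fnmatch.fnmatchcase(resource, r) for r in _as_list(s.get("Resource", [])))]
    return _effect(hits)

def trust_allows(policy, action, account_id):
    # Simplification: account-level principals only (bare account ID or its :root ARN).
    wanted = {account_id, f"arn:aws:iam::{account_id}:root"}
    hits = [s for s in _as_list(policy.get("Statement", [])) if _action_ok(s, action)
            and isinstance(s.get("Principal"), dict)
            and wanted & set(_as_list(s["Principal"].get("AWS", [])))]
    return _effect(hits)

def diagnose(identity, trust, role_arn, account_id):
    problems = []
    if not identity_allows(identity, "sts:AssumeRole", role_arn):
        problems.append("caller policy does not allow sts:AssumeRole on " + role_arn)
    if not trust_allows(trust, "sts:AssumeRole", account_id):
        problems.append("role trust policy does not trust account " + account_id)
    return problems

if __name__ == "__main__":
    print(diagnose(IDENTITY_POLICY, TRUST_POLICY, MEMBER_ROLE_ARN, MGMT_ACCOUNT) or "both sides allow AssumeRole")
```

An empty result means both sides of the role assumption are in place for that member account; each string returned names the side that is missing.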

Thanks, Ram, for the response. The permissions look good and we do have sts:assumerole permissions.

While checking the MID server logs I see the below error:


01/17/23 16:26:40 (522) Worker-Standard:HorizontalDiscoveryProbe-538b2108db24a554f01acafc139619fe WARNING *** WARNING *** com.snc.sw.exception.CommandFailureException: Cloud credentials are missing for https://rds.eu-central-1.amazonaws.com/?Action=DescribeDBClusters&Version=2014-10-31 . Not able to generate the temporary credentials. Please check the mid server logs for exact error.
Caused by error in MID Server script include 'AwsApiCommand' at line 278

275: if (optMasterCred && optMasterCred.isPresent()) { //optMasterCred is type of Optional Class object
276: return optMasterCred.get();
277: } else {
==> 278: throw new FailureException(ExceptionCode.MISSING_CLOUD_CREDENTIALS,args.getUri+" . Not able to generate the temporary credentials. Please check the mid server logs for exact error");
279: }
280: },
281:

 

 

But I am unable to figure out the exact error.