diff --git a/docs/cloud-native-security/cspm-get-started-aws.asciidoc b/docs/cloud-native-security/cspm-get-started-aws.asciidoc
index 32032e4268..39f26a4edb 100644
--- a/docs/cloud-native-security/cspm-get-started-aws.asciidoc
+++ b/docs/cloud-native-security/cspm-get-started-aws.asciidoc
@@ -80,6 +80,17 @@ When using manual authentication to onboard at the organization level, you need
 {
 "Version": "2012-10-17",
 "Statement": [
+ {
+ "Action": [
+ "iam:GetRole",
+ "iam:ListAccountAliases",
+ "iam:ListGroup",
+ "iam:ListRoles",
+ "iam:ListUsers"
+ ],
+ "Resource": "*",
+ "Effect": "Allow"
+ },
 {
 "Action": [
 "organizations:List*",
@@ -128,8 +139,6 @@ When using manual authentication to onboard at the organization level, you need
 ```
 ====
-** The AWS-managed `SecurityAudit` policy.
-
 IMPORTANT: You must replace `` in the trust policy with your AWS account ID.
 * Next, for each account you want to scan in the organization, create an IAM role named `cloudbeat-securityaudit` with the following policies:
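Review bot: `iam:ListGroup` in the new statement of the first hunk is not an IAM action name; the group enumeration call is `iam:ListGroups` (plural), so this entry grants nothing and any group listing the integration performs would be denied at runtime, which is easy to miss because IAM accepts unknown action strings in a policy document without error. Change the line to `"iam:ListGroups",`. Since users copy this policy verbatim, it is also worth stating under the snippet that the added statement is read-only (Get/List only), so reviewers of the resulting role can confirm that `"Resource": "*"` here grants no write capability. The policy document starts and ends outside the hunk, so the complete statement list could not be checked.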