Roles and permission errors

Red Hat® OpenShift® Service on AWS uses AWS’s security token service (STS) to validate the credentials of different users of the service. You may receive an error such as:

Failed to create cluster: The sts_user_role is not linked to account '1oNl'. Please create a user role and link it to the account.

You can look at the troubleshooting documentation for IAM roles to create a user role and link it to your account.

1. Check your account’s user-role by running the rosa list ocm-role and rosa list user-role commands in the command line. 
2. If you have Red Hat Organization Administrator privileges and need to create account-wide roles, follow these steps in the CLI to create your permissions.
3. To create user roles with either basic or admin privileges, follow these steps in the CLI to create your permissions. 
4. Once your roles have been set, you should be able to link your AWS account in the ROSA wizard in the Console or via the command line.