When trying to add a new allowed IAM principal role to my SQS log source integration the following error occurs:
Failed to update source, please try again later
To resolve this issue, please check for the following:
- The role is spelled in the Console as it exists in the account.
- The roles are separated with <Enter> and there are no other delimiters included.
- If the arn is for an AWS resource, please list it in the "Allowed Source ARNs" field.
This issue can occur when the role as listed does not exist in the AWS account provided; AWS will not allow the policy to be updated to include the non-existent role. See the AWS docs on this error here: https://aws.amazon.com/premiumsupport/knowledge-center/iam-trust-policy-error/