QUESTION

Can I temporarily delete the PantherAuditRole IAM role in my AWS accounts and then recreate it without losing data in Panther? This might be needed when converting CloudFormation stacks to StackSets or resolving template conflicts.

ANSWER

Yes, it is safe to temporarily delete the PantherAuditRole IAM role and then recreate it. You will not lose any data in Panther during this process.

Here's what to expect:

• If a cloud scan happens while the role is deleted, it will fail

• Once you recreate the role, Panther should recover within 15 minutes

• No historical data or configurations will be lost

This approach can be useful when you need to resolve CloudFormation template conflicts, such as when converting individual stacks to StackSets at the AWS organization level.