Service-Linked Roles

Service-Linked Roles (AWSServiceRoleForResilienceHub) are IAM roles that are automatically created in every member account when you enable trusted access for resiliencehub.amazonaws.com from the management account. These roles provide the delegated administrator with read-only cross-account visibility into member account resources without requiring manual IAM configuration.

SLRs are created automatically when a new account joins the organization.

Individual service owners in member accounts still create their own invoker roles for running assessments on their services. The SLR provides cross-account visibility for the DA; it does not replace the invoker role used for discovery and assessment. For invoker role setup, see Setting up Next generation Resilience Hub.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Setting up Organizations integration

Applying resilience policies across accounts