Hi Rich
First of all, please update your App to version 4.2.0 or above. IAM role was only supported in AWS app since version 4.2.0. Or, you can simply update it to the latest version 4.2.1
In version 4.2.0, IAM role account is read only. IAM role account is assigned to EC2 at provision phase. You can't delete it. The IAM account is detected by AWS add-on automatically. Then, you can view it in app and do inputs configuration, but not edit or delete the IAM account.
What if an IAM role is staled? Ideally, add-on should be able to detect it. Then, in data ingestion phase, no data of that account can be fetched. I don't think you can delete that account. It's not a typical use case to stale an IAM role but still have Splunk running on that server. If you want to clean all related inputs of that IAM account, you can simply delete inputs instead of deleting account.
Peter Chen
... View more