AWS integration using AssumeRole fails during region enumeration when the base IAM user does not have the ec2:DescribeRegions permission. Even if the target role has sufficient permissions, the initial DescribeRegions call is made with the base user's credentials, and its failure breaks the flow before the role is ever assumed.
Steps to Reproduce:
- Create an IAM user whose policy allows sts:AssumeRole but not ec2:DescribeRegions.
- Attempt to integrate AWS via AssumeRole using that user's credentials.
- The integration fails on region enumeration, before the target role is assumed.
Expected Behavior:
The base credentials should only be required for sts:AssumeRole. Region discovery (ec2:DescribeRegions) should be performed with the temporary credentials returned by AssumeRole, i.e. in the assumed role's context, so that the base user never needs EC2 permissions.
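The following is an added illustration of the reported versus expected call order; it is not the integration's own code. It models the two principals with a constructed permission table and constructed STS/EC2 fakes so it runs offline. The role ARN, the permission sets, and the region list are assumptions; the flow functions only rely on boto3-style `session.client(...)` calls, so a real `boto3.Session` can be passed in their place.

```python
"""Region discovery under AssumeRole: the order of calls decides which
principal's permissions are evaluated. Constructed fakes stand in for STS/EC2
so this runs offline (assumption: the integration uses boto3-style clients)."""

# Constructed permission model: principal -> allowed IAM actions.
ACCOUNT = {
    "user/integration-user": {"sts:AssumeRole"},            # base IAM user
    "role/IntegrationRole": {"ec2:DescribeRegions"},        # target role
}
ROLE_ARN = "arn:aws:iam::123456789012:role/IntegrationRole"  # hypothetical
REGIONS = ["eu-west-1", "us-east-1"]                          # constructed sample


class ApiError(Exception):
    """Stand-in for botocore.exceptions.ClientError; real code reads
    err.response['Error']['Code'], exposed here as .code."""
    def __init__(self, code, action):
        super().__init__(f"{code} when calling {action}")
        self.code = code


class FakeClient:
    def __init__(self, principal, service):
        self.principal, self.service = principal, service

    def _authorize(self, action, code):
        if action not in ACCOUNT[self.principal]:
            raise ApiError(code, action)

    def assume_role(self, RoleArn, RoleSessionName):
        self._authorize("sts:AssumeRole", "AccessDenied")
        # Temporary credentials; the key id carries the role name so the
        # fake session factory can map them back to a principal.
        return {"Credentials": {"AccessKeyId": "ASIA:" + RoleArn.split(":")[-1],
                                "SecretAccessKey": "secret",
                                "SessionToken": "token"}}

    def describe_regions(self):
        self._authorize("ec2:DescribeRegions", "UnauthorizedOperation")
        return {"Regions": [{"RegionName": r} for r in REGIONS]}


class FakeSession:
    def __init__(self, principal):
        self.principal = principal

    def client(self, service, **kwargs):
        return FakeClient(self.principal, service)


def fake_session_from_credentials(creds):
    return FakeSession(creds["AccessKeyId"].split(":", 1)[1])


def list_regions(session):
    ec2 = session.client("ec2", region_name="us-east-1")
    return sorted(r["RegionName"] for r in ec2.describe_regions()["Regions"])


def integrate_broken(base, role_arn, session_from_credentials):
    """Reported behaviour: regions are enumerated with the base user's
    credentials before the role is assumed, so the base user would need
    ec2:DescribeRegions even though only the role holds it."""
    regions = list_regions(base)  # raises for the base user
    creds = base.client("sts").assume_role(
        RoleArn=role_arn, RoleSessionName="integration")["Credentials"]
    return regions, session_from_credentials(creds)


def integrate_fixed(base, role_arn, session_from_credentials):
    """Expected behaviour: the base user only calls sts:AssumeRole; region
    discovery runs with the role's temporary credentials."""
    creds = base.client("sts").assume_role(
        RoleArn=role_arn, RoleSessionName="integration")["Credentials"]
    assumed = session_from_credentials(creds)
    return list_regions(assumed), assumed


def demo():
    base = FakeSession("user/integration-user")
    result = {}
    try:
        integrate_broken(base, ROLE_ARN, fake_session_from_credentials)
        result["broken"] = "ok"
    except ApiError as err:
        result["broken"] = err.code
    result["fixed"] = integrate_fixed(base, ROLE_ARN, fake_session_from_credentials)[0]
    return result


if __name__ == "__main__":
    print(demo())
```

Against real AWS, pass `boto3.Session()` as `base` and a factory such as `lambda c: boto3.Session(aws_access_key_id=c["AccessKeyId"], aws_secret_access_key=c["SecretAccessKey"], aws_session_token=c["SessionToken"])` as `session_from_credentials`; the only base-user permission the fixed flow then exercises is sts:AssumeRole.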