I am a DevOps consultant so I have access to a bunch of AWS accounts, in addition to my own. If I was to use individual credentials for each account, it would be very inconvenient especially since I have to switch between accounts multiple times a day. For a while now, AWS has a nice feature which allows me to access multiple accounts from my own AWS account. This feature is called Roles.
The official documentation for this is easily available but maybe not so easy to understand by everybody.
This guide is intended to be the most straightforward way of giving access to a person who uses more than one AWS account.
Setting up a role for access from another account
- Go to IAM -> Roles and click Create role. Ask for the account ID.
- Go through each step one by one and select the appropriate permissions.
- Cases matter. I use Bogdan every time so it’s easy to remember.
- Click Create role and if you’re only in charge of giving access your job is done.
Using this new role in your main account
- Click your account name from the top right corner and find the Switch Role button.
- Fill in all the info.
- Enjoy this faster way of switching AWS accounts.
There is a limitation though to a maximum of 5 accounts but if you just learned about this I am sure you can live with this limitation :)
This is a nice time-saving feature which facilitates using multiple AWS accounts. AWS was somewhat late in the game with this feature. Others from my toolbox that support something similar are CloudFlare, GoDaddy and obviously Google.