1. To find out which user you are logged in to the AWS Console as, from CloudShell
- Run the following command
aws sts get-caller-identity
Output
[cloudshell-user@ip-10-***-**-*** ~]$ aws sts get-caller-identity
{
"UserId": "ABCDEFGHIJKLMNOP:info.cloudteachable@gmail.com",
"Account": "***********",
"Arn": "arn:aws:sts::*******:assumed-role/info.cloudteachable@gmail.com"
}
2. To switch to a different IAM role through the AWS Console
- Get the ARN of the IAM role you want to switch to
- IAM role ARN = arn:aws:iam::AWS_Account_No:role/RoleS3Sync
- Run the following command to assume the role
aws sts assume-role --role-arn "arn:aws:iam::AWS_Account_No:role/RoleS3Sync" --role-session-name AWSCLI-Session
Note: Replace AWS_Account_No with your AWS Account number
3. Copy the AccessKeyId, SecretAccessKey and SessionToken values from the step 2 output into the following environment variables
export AWS_ACCESS_KEY_ID="<AccessKeyId from step 2 output>"
export AWS_SECRET_ACCESS_KEY="<SecretAccessKey from step 2 output>"
export AWS_SESSION_TOKEN="<SessionToken from step 2 output>"
4. Copy the above 3 export commands, paste them into CloudShell and run them.
5. Now run the command again - aws sts get-caller-identity
You will see the switched role being used.
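Steps 2 to 4 can be scripted so the secret values are never copied by hand or pasted into the terminal. The following is an added example, not code from the original post; the function names assume_role_env and drop_role_env and the variable ROLE_CREDS_EXPIRE are hypothetical.

```shell
#!/bin/sh
# Added example: assume a role and export its temporary credentials.
# assume_role_env, drop_role_env and ROLE_CREDS_EXPIRE are hypothetical names.

assume_role_env() {
    role_arn=$1
    session_name=${2:-AWSCLI-Session}
    [ -n "$role_arn" ] || {
        echo "usage: assume_role_env ROLE_ARN [SESSION_NAME]" >&2
        return 2
    }

    # --query picks the four credential fields and --output text prints them
    # tab-separated on one line, so no JSON parsing is needed.
    creds=$(aws sts assume-role \
        --role-arn "$role_arn" \
        --role-session-name "$session_name" \
        --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken,Expiration]' \
        --output text) || {
        echo "assume-role failed; credentials unchanged" >&2
        return 1
    }

    # Split the line into positional parameters (the values contain no spaces).
    set -- $creds
    [ $# -eq 4 ] || { echo "unexpected assume-role output" >&2; return 1; }

    export AWS_ACCESS_KEY_ID=$1
    export AWS_SECRET_ACCESS_KEY=$2
    export AWS_SESSION_TOKEN=$3
    ROLE_CREDS_EXPIRE=$4   # when the temporary credentials stop working
    unset creds
}

# Remove the role credentials so the CLI falls back to the original identity.
drop_role_env() {
    unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN ROLE_CREDS_EXPIRE
}
```

Source the file in CloudShell, run assume_role_env with the role ARN from step 2, then aws sts get-caller-identity to confirm the switch. drop_role_env unsets the variables when the role is no longer needed.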
Conclusion: This is how to assume a different IAM role through AWS CloudShell.