Srinivasulu Paranduru for AWS Community Builders

How to Assume a Different AWS IAM Role Using AWS CloudShell

1. To find out which user you are logged in to the AWS console as from CloudShell, run the command below:

aws sts get-caller-identity

Output

[cloudshell-user@ip-10-***-**-*** ~]$ aws sts get-caller-identity
{
    "UserId": "ABCDEFGHIJKLMNOP:info.cloudteachable@gmail.com",
    "Account": "***********",
    "Arn": "arn:aws:sts::*******:assumed-role/info.cloudteachable@gmail.com"
}

2. To switch to a different IAM role from CloudShell in the AWS Console:

  • Get the ARN of the IAM role you want to switch to
    • IAM role ARN = arn:aws:iam::AWS_Account_No:role/RoleS3Sync
  • Run the command below to assume the role
 aws sts assume-role --role-arn "arn:aws:iam::AWS_Account_No:role/RoleS3Sync" --role-session-name AWSCLI-Session

Note: Replace AWS_Account_No with your AWS account number.

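3. Then copy the AccessKeyId, SecretAccessKey and SessionToken values from the Credentials block of the step 2 output into the variables AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN:

# Replace each placeholder with the matching value from the step 2 output
export AWS_ACCESS_KEY_ID="<AccessKeyId from step 2 output>"
export AWS_SECRET_ACCESS_KEY="<SecretAccessKey from step 2 output>"
export AWS_SESSION_TOKEN="<SessionToken from step 2 output>"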

4. Copy the three export commands above, paste them into CloudShell, and run them.

5. Now run the command aws sts get-caller-identity again.
You will see the role you switched to being used.
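
Steps 2 to 5 can also be done without pasting the secrets by hand, which keeps them out of the terminal scrollback. The following is an added example, not code from the original post: the function names and the sample credential line are constructed for illustration, and it relies on the AWS CLI's --query and --output text options to return the three values as one tab-separated line.

```shell
# Constructed sample of the tab-separated line the CLI prints (not real credentials).
SAMPLE_CREDS_LINE="$(printf 'ASIAEXAMPLEKEYID\tconstructedSecret/Key+Value\tconstructedSessionToken==')"

# Export the three variables from an "AccessKeyId<TAB>SecretAccessKey<TAB>SessionToken"
# line. Returns 1 and exports nothing unless exactly three fields are present.
load_role_creds() {
  local key secret token extra
  IFS="$(printf '\t')" read -r key secret token extra <<EOF
$1
EOF
  if [ -z "$key" ] || [ -z "$secret" ] || [ -z "$token" ] || [ -n "$extra" ]; then
    echo "assume-role output did not contain exactly three credential fields" >&2
    return 1
  fi
  export AWS_ACCESS_KEY_ID="$key"
  export AWS_SECRET_ACCESS_KEY="$secret"
  export AWS_SESSION_TOKEN="$token"
}

# Remove the role credentials so the CLI falls back to the original CloudShell identity.
drop_role_creds() {
  unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
}

# Steps 2-5 in one call: assume the role, load its credentials, confirm the identity.
# $1 = role ARN, $2 = optional session name (defaults to the one used in step 2).
assume_role() {
  local out
  out=$(aws sts assume-role --role-arn "$1" \
        --role-session-name "${2:-AWSCLI-Session}" \
        --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' \
        --output text) || return 1
  load_role_creds "$out" && aws sts get-caller-identity
}

# Usage in CloudShell (replace AWS_Account_No as in step 2):
#   assume_role "arn:aws:iam::AWS_Account_No:role/RoleS3Sync"
#   drop_role_creds   # when finished with the role
```

Because the variables are only exported when all three fields are present, a failed or partial assume-role call leaves the original CloudShell identity in effect.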

Conclusion: This is how to assume a different IAM role through AWS CloudShell.