
How to Use Cross Account IAM Role

Cross account IAM roles allow you to grant access to resources in one AWS account to a user or resource in another AWS account. This is useful for scenarios where you have multiple AWS accounts and need to share resources between them.

To use cross account IAM roles, follow these steps:

  1. Create an IAM role in the account that owns the resource you want to share. This is known as the resource account (ACCOUNT B).
  2. Define a trust policy for the role that allows the account you want to share the resource with to assume the role. The trust policy should include the AWS account ID of the account that will assume the role (ACCOUNT A).
  3. Attach a policy to the role that grants permissions to the resource you want to share.
  4. Share the IAM role with the account that needs access to the resource. To do this, create a role in the account that needs access (ACCOUNT A), and define a trust policy that allows it to assume the cross account IAM role.
  5. Use the cross account IAM role to access the shared resource.

By following these steps, you can easily share resources between AWS accounts using cross account IAM roles.
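
As an added example (not code from the original post), the policy documents behind steps 2 and 4 can be generated in Python and the ACCOUNT B trust policy checked for over-broad principals before it is attached. The account IDs, role names and the `audit_trust_policy` helper are constructed assumptions; step 4 is shown as the `sts:AssumeRole` permission that the ACCOUNT A role needs.

```python
import json

# Constructed placeholders (assumptions, not values from the post).
ACCOUNT_A = "111111111111"  # account that assumes the role
ACCOUNT_B = "222222222222"  # resource account that owns the role
CALLER_ROLE = f"arn:aws:iam::{ACCOUNT_A}:role/lambda-caller"
TARGET_ROLE = f"arn:aws:iam::{ACCOUNT_B}:role/cross-account-access"

def trust_policy(principal):
    """Step 2: trust policy on the ACCOUNT B role, naming who may assume it."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": principal},
        "Action": "sts:AssumeRole"}]}

def caller_policy(target_role_arn):
    """Step 4: policy on the ACCOUNT A role permitting the AssumeRole call."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Action": "sts:AssumeRole",
        "Resource": target_role_arn}]}

def audit_trust_policy(policy, expected_account):
    """Return findings for Allow statements that trust more than intended."""
    findings = []
    statements = policy["Statement"]
    if isinstance(statements, dict):
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else principal.get("AWS", [])
        for p in [aws] if isinstance(aws, str) else aws:
            # A principal is either a bare 12-digit account ID or an ARN.
            account = p if p.isdigit() else (p.split(":") + [""] * 5)[4]
            if p == "*":
                findings.append("wildcard-principal")
            elif account != expected_account:
                findings.append(f"unexpected-account:{account}")
            elif p.isdigit() or p.endswith(":root"):
                # Account-wide trust: any identity in that account whose own
                # policy allows sts:AssumeRole on this role can use it.
                findings.append("account-wide-trust")
    return findings

if __name__ == "__main__":
    print(json.dumps(trust_policy(CALLER_ROLE), indent=2))
    print(json.dumps(caller_policy(TARGET_ROLE), indent=2))
    print(audit_trust_policy(trust_policy(f"arn:aws:iam::{ACCOUNT_A}:root"), ACCOUNT_A))
```

An empty findings list means the trust policy names only specific roles or users in the expected account.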

If you want to know more, I have prepared a video in which I explain everything step by step. I am creating 2 IAM roles in 2 different AWS accounts and one lambda function that can use a role from another AWS account. The lambda function can add, remove, change and do other cool things in a completely different AWS account.
