DEV Community

Cover image for New AWS Management Console Feature: Simultaneous Sign-in for Multiple Identities
2

New AWS Management Console Feature: Simultaneous Sign-in for Multiple Identities

The AWS Management Console now supports simultaneous sign-in for multiple AWS accounts

AWS has just rolled out a groundbreaking enhancement to its Management Console that promises to transform how cloud administrators and developers manage their AWS environments. Now, you can sign into up to five different identities at the same time within a single web browser session. Here's a deep dive into this feature, its implications, and how it could streamline your AWS operations:

What Does This Mean?

  • Five Identities at Once:
    Previously, managing different AWS accounts or roles meant logging in and out, or using separate browsers or incognito sessions. Now, you can stay signed into up to five identities, which could be any combination of:

    • Root Users: The account owner for an AWS account.
    • IAM Users: Individual users within an AWS account with specific permissions.
    • Federated Roles: Temporary security credentials for users authenticated through external identity providers like Active Directory, SAML, or web identity federation.
  • Single Browser Session:

    This functionality is confined to one browser session, meaning you won't need to juggle multiple browser windows or tabs to manage different AWS contexts.

How It Works

  • User Interface:
    Upon enabling this feature, you'll see a new menu in the top right corner of the AWS Management Console where you can switch between your logged-in identities or roles.

  • Session Control:
    Each identity maintains its own session, complete with its own set of permissions and access controls. This means you can jump from a highly privileged role to a more restricted one without the overhead of re-authentication.

  • Security Considerations:
    AWS ensures that each session is isolated. For example, if one session expires or is logged out, it does not affect the others. However, users must be vigilant about managing these sessions, as having multiple active sessions increases the attack surface.

Benefits

  • Increased Productivity:
    Developers and admins can now manage resources across multiple accounts or roles without constant sign-in/sign-out, reducing downtime and enhancing workflow.

  • Simplified Management:
    For organizations with complex AWS account structures or those employing multi-account strategies, this feature simplifies oversight and management tasks.

  • Cost Optimization:
    By allowing more dynamic switching between roles, users can more efficiently manage resources, potentially saving costs by better aligning permissions with tasks.

Security and Best Practices

  • Session Management:
    Be mindful of open sessions. Regularly review and close sessions that are no longer needed.

  • Permission Boundaries:
    Even with this feature, best practices for least privilege should be maintained. Do not elevate permissions unnecessarily just because switching between roles is easier.

  • Monitoring and Logging:
    Use AWS CloudTrail to keep an eye on who is doing what across your accounts, especially now that one user could theoretically perform actions under multiple identities.

Implementation Tips

  • Enable Gradually:
    If you're in a large organization, consider a phased rollout to understand the impact on your security and compliance posture.
    Training: Ensure your team is trained on how to use this feature responsibly, focusing on security implications.

  • Feedback Loop:
    AWS often improves features based on user feedback. Engage with AWS through forums or support to suggest enhancements or report issues.

Conclusion

This new feature in the AWS Management Console represents a significant step forward for user experience in cloud management, offering flexibility without compromising on security, provided users adhere to best practices. Whether you're a small startup or a large enterprise, this capability can redefine how you approach AWS administration, making your team's life easier while potentially enhancing operational efficiency.

Explore this feature, give AWS your feedback, and see how it reshapes your AWS management strategy.

References:

AWS Official Announcement

AWS Management Console Documentation

AWS re:Post (Community Discussion)

Technical Blog Post on AWS Console Enhancements

Sample images:

Image 1 - enable multi-session support easily

Image 2 - root user 1, note the new url

Image 3 - add a new session for user = Walter

Image 4 - 2 user sessions - root and Walter, note the new url

Do your career a big favor. Join DEV. (The website you're on right now)

It takes one minute, it's free, and is worth it for your career.

Get started

Community matters

Top comments (0)

Create a simple OTP system with AWS Serverless cover image

Create a simple OTP system with AWS Serverless

Implement a One Time Password (OTP) system with AWS Serverless services including Lambda, API Gateway, DynamoDB, Simple Email Service (SES), and Amplify Web Hosting using VueJS for the frontend.

Read full post

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay