AWS Switch role between accounts (Administrator access)

Posted by Carles Loriente on September 13, 2019 · 1 min read

Log in to the AWS Console with the account that you want to be the accessed account.

Select IAM -> Roles, create a new role, attach the policy “AdministratorAccess”, and fill in the role name (e.g. Admin) and description.

Select the previously created role, click “Trust relationships”, edit trust relationship, paste the following policy:


{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::ACCESSING_ACCOUNT_ID:root"
      },
      "Action": "sts:AssumeRole",
      "Condition": {}
    }
  ]
}


Log in to the AWS Console with the account that you want to be the accessing account.

Click on your user ID, select “Switch role”, fill in the account name and role (from the accessed account), click “Switch role”, and that’s it.
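The trust policy above delegates an AdministratorAccess role to a whole account (`:root`) with an empty `Condition`. As an added example (not part of the original post), this Python check reads a trust policy and reports both properties, then shows a narrowed policy passing. The account ID `111122223333`, the user name `alice` and the function names are constructed for illustration.

```python
import json
import re

# Constructed sample: the page's trust policy with a made-up 12-digit account ID.
PAGE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
        "Action": "sts:AssumeRole",
        "Condition": {},
    }],
})

# Constructed sample: trust narrowed to one IAM user (hypothetical) and gated on MFA.
NARROWED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:user/alice"},
        "Action": "sts:AssumeRole",
        "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}},
    }],
})

ACCOUNT_WIDE = re.compile(r"^(arn:aws:iam::\d{12}:root|\d{12})$")
ASSUME_ACTIONS = {"sts:assumerole", "sts:*", "*"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy_json):
    """Return findings for Allow statements that let a principal assume the role."""
    findings = []
    for i, stmt in enumerate(_as_list(json.loads(policy_json)["Statement"])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Allow" or not actions & ASSUME_ACTIONS:
            continue
        principal = stmt.get("Principal", {})
        arns = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        for arn in arns:
            if arn == "*":
                findings.append(f"statement {i}: any AWS principal is trusted")
            elif ACCOUNT_WIDE.match(arn):
                findings.append(f"statement {i}: whole account is trusted ({arn})")
        # Checks only that a condition key is present, not its value.
        keys = {k.lower() for op in (stmt.get("Condition") or {}).values() for k in op}
        if not keys & {"aws:multifactorauthpresent", "sts:externalid"}:
            findings.append(f"statement {i}: no MFA or ExternalId condition")
    return findings
```

With an account-wide principal, any identity in the trusted account whose own permissions allow `sts:AssumeRole` on this role can become administrator in the accessed account, which is why the check treats that and the missing condition as separate findings.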
