How to Assume Role across Accounts in AWS

Andrew Jul 16, 2022 AWS
0 min read 95 words

If you need to assume role between AWS accounts, or allow an account to assume a role and use resources in another AWS account, then you need to create a role and attach the following policy.

The following two (2) steps creates a Trust Relationship between the accounts.

Step 1 – In the Source Account

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": [
      "sts:AssumeRole"
    ],
    "Resource": [
      "arn:aws:iam::DESTINATION-ACCOUNT-ID:role/DESTINATION-ROLENAME"
    ]
  }]
}

Step 2 – In the Destination Account

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {
      "AWS": "arn:aws:iam::SOURCE-ACCOUNT-ID:role/SOURCE-USERNAME"
    },
    "Action": "sts:AssumeRole"
  }]
}
Tags:
Andrew
Andrew

Andrew is a visionary software engineer and DevOps expert with a proven track record of delivering cutting-edge solutions that drive innovation at Ataiva.com. As a leader on numerous high-profile projects, Andrew brings his exceptional technical expertise and collaborative leadership skills to the table, fostering a culture of agility and excellence within the team. With a passion for architecting scalable systems, automating workflows, and empowering teams, Andrew is a sought-after authority in the field of software development and DevOps.

Related Articles

How to Recursively Delete all Files in an AWS S3 Bucket

Jul 5, 2022 • 0 min read

How to Recursively Delete all Files in an AWS S3 Bucket

AWS CLI
[Solved] Error creating RDS DB Instance: IAM role ARN value is not value or does not include the required permissions for: ENHANCED_MONITORING

Jun 28, 2022 • 0 min read

[Solved] Error creating RDS DB Instance: IAM role ARN value is not value or does not include the …

AWS
How to create an AWS Lambda in Terraform

Jun 27, 2022 • 1 min read

How to create an AWS Lambda in Terraform

AWS Python Terraform
[Solved] Instance Profile already exists in Terraform

Jun 26, 2022 • 0 min read

[Solved] Instance Profile already exists in Terraform

AWS CLI Terraform
[Solved] An error occurred (UnauthorizedException) when calling ListAccounts operation: Session token not found or invalid

Jun 25, 2022 • 0 min read

[Solved] An error occurred (UnauthorizedException) when calling ListAccounts operation: Session …

AWS CLI

Tags

Actionscript
Advertising
Agile
Ai
Ai compliance
Ai ethics
Ai governance
Ai regulation
Ai risk management
Aiops
Alerting
Algorithms
Android
Angular
Anomaly detection
Ansible
API
API design
API gateway
API security
Apollo
Architecture
Argocd
Artificial intelligence
Assemblyscript
Asynchronous communication
Audio
Authentication
Authorization
Automation
Automl
Autonomous systems
Aws
Aws lambda
Aws optimization
Azure
Azure functions
Bash
Best practices
Big data
Biometrics
Blockchain
Blue green
Business process management
C
C
Caching
Canary
Capacity planning
Carbon footprint
Case study
Cdk
Chaos engineering
Chef
Ci cd
Cicd
Citizen developers
CLI
Cloud
Cloud architecture
Cloud costs
Cloud efficiency
Cloud management
Cloud native
Cloud networking
Cloud waste
Cloudformation
Code organization
Compliance
Computer vision
Concurrency
Connectivity
Consensus algorithms
Container security
Containerization
Containers
Cost management
Cost optimization
Cqrs
Cryptocurrency
Cryptography
Css
Dashboards
Data engineering
Data partitioning
Data structures
Database scaling
Databases
Datadog
Deployment
Deployments
Developer experience
Devops
Devsecops
Digital transformation
Discovery
Distributed
Distributed systems
Distributed tracing
Docker
Domains
Dsp
Dynatrace
Edge computing
Eks
Elastic
Embedded systems
Encryption
Energy efficiency
Enterprise architecture
Enterprise technology
Envoy
Error handling
Event sourcing
Event driven architecture
Excel
Experiment tracking
Explainable ai
Facilitation
Fault tolerance
Feature stores
Federation
Ffi
File i o
Finops
Firebase
Flux
Forensics
Gcp
General
Git
Github actions
Gitops
Go
Google cloud functions
Governance
Graal
Grafana
Graphql
Green computing
Growth
High availability
Hosting
HTML
Hybrid architecture
Iac
Ide
Image processing
Incident management
Infrastructure
Infrastructure as code
Input validation
Interoperability
Interview
Iot
Istio
Java
Javascript
Jenkins
JWT
Kafka
Kotlin
Kubernetes
Lifetimes
Linux
Llm
Logging
Low code
MAC
Machine learning
Macros
Mariadb
Maths
Maven
Memory management
Memory safety
Message brokers
Metaprogramming
Metrics
Microservices
Misc
Ml
Ml infrastructure
Mlops
Model deployment
Model governance
Model monitoring
Model registry
Modules
Monitoring
Monolith
Music
Mysql
N 1 problem
Network design
Networking
New relic
Nexus
No code
Node
Nosql
Npm
Oauth
Observability
On call
Opentelemetry
Optimization
Owasp API
Pandas
Parallelism
Pattern matching
Performance
Performance optimization
Performance tuning
Php
Pip
Platform
Pod security
Portable execution
Postmortems
Powershell
Production
Programming
Progressive delivery
Prometheus
Pulumi
Puppet
Python
Quality assurance
Quantum advantage
Quantum algorithms
Quantum computing
Quantum strategy
Quantum use cases
Quantum ready
Rabbitmq
Rapid application development
Rate limiting
React
Real time
Reliability
Replication
Requirements gathering
Resilience
Resource optimization
Responsible ai
Rest
Robotics
Ruby
Rust
S3
Scalability
Scaling
Schema design
Secrets management
Security
Seo
Serverless
Service mesh
Setup
Shadow it
Sharding
Simulation
Sli
Slo
Slos
Smart contracts
Software
Spring
SQL
Sre
SSH
Ssl
Standard library
Startup
Startups
Stream processing
System design
Technical planning
Terraform
Testing
Traits
Type systems
Typescript
Ubuntu
Vpc
Wasi
Wasm
Web development
Web3
Webassembly
Windows
Wsl
Zero trust

Recent Posts