Grant access across different AWS accounts using IAM roles. (AWS Cross Accounts & IAM Assume Role)
Today's video we are going to grant access across different AWS accounts using IAM roles. (AWS cross accounts.)
What you will learn:
you will learn how to grant access to resources from different AWS accounts using IAM roles.
How to share AWS resources from one account to users created in another account.
This way, you do not have to log out each time and log in to a different account when needed.
Instead of creating multiple accounts in all AWS accounts, we can use a single account and manage all the resources from all the different accounts.
Prerequisites for lab:
1. At least two AWS accounts
2. Create an IAM role in the target account to allow access to resources through the source account
3. create a user and group in the source account
4. allow the group in the source account to assume the IAM role in the target account by creating an IAM policy
5. test by switching accounts.
IAM is a service that allows you to control the access and permissions that users are allowed to manage AWS resources. With IAM, we can create users, groups, and access control policies to control who can use AWS resources.
16 сен 2024
