How can I use the command line interface of AWS and assume line command to assume a role in the AWS account?

218    Asked by Bhaanumatishukla in AWS , Asked on Jan 31, 2024

I am currently working on a particular project in which I need to access AWS resources in another AWS account to perform some tasks. Explain to me how can I utilize the Command line interface of AWS and the “assume role” command for assuming a role in the target AWS account considering implementing commands or scripts against its resources. 

Answered by Daniel Cameron

 In the context of AWS, to assume a particular role in another AWS account by using the Command line interface of AWS, you can use the “aws sts assume-role” command. Here is the example given of how you can do so:-


Aws sts assume-role 
    --role-arn arn:aws:iam:::role/
    --role-session-name

After running this above command, the AWS would return temporary credentials related to security such as access keys, secret access keys, and session tokens that you can use to request the service of AWS on behalf of the role which is assumed. These credentials generally have a limited lifetime, after which they would expire.

Here is the breakdown of the steps given:-

First, install and then configure the Command line interface of AWS.

Then you can run the “aws sts assume-role” command with the right parameters which would specify the ARN of the role for assuming and a session name.

Now you can attempt to retrieve the temporary credentials related to security measures that were provided by AWS in the command output for performing the actions on AWS resource in the targeted account.



Your Answer

Interviews

Parent Categories