2 min read | by Jordi Prats
If you are working with Amazon Web Services (AWS), you may have heard the term "assuming a role" in the context of one role using another role. This phrase refers to the process of temporarily taking on a specific set of permissions or privileges within an AWS account, in order to perform certain actions or access specific resources.
Because we are already using a specific role to access the AWS console, we can assume another role from there as well.
In the top-right corner of the console, click on your username, and then select "Switch Role" from the dropdown menu. Alternatively, you can navigate to the same page using https://signin.aws.amazon.com/switchrole.
We are going to get the following page where we can specify:
It's going to look like this:
We can use some parameters to craft a link that will have the settings predefined:
https://signin.aws.amazon.com/switchrole?account=account_num&roleName=role_name&displayName=label
Note that in order to assume any role, you must have the necessary permissions to do so. Specifically, you must have the "sts:AssumeRole" permission in your IAM policy. To assume a role across two different accounts, we'll need both: the source IAM role must be allowed to call AssumeRole, and the target role, which belongs to a different account, must have a trust relationship.
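The two halves of the cross-account setup described above, as an added example that is not part of the original post: it builds the identity policy for the source role, the trust policy for the target role, checks that both are in place, and derives the predefined Switch Role link. The account IDs, role names, label and function names are constructed placeholders.

```python
import json
from urllib.parse import urlencode

# Constructed placeholder ARNs, not values from the original post.
SOURCE_ROLE = "arn:aws:iam::111111111111:role/source-role"
TARGET_ROLE = "arn:aws:iam::222222222222:role/target-role"

def identity_policy(target_arn):
    """Attach to the source role: sts:AssumeRole on one named role only."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "sts:AssumeRole", "Resource": target_arn}]}

def trust_policy(source_arn):
    """Trust relationship of the target role: one named principal only."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"AWS": source_arn},
         "Action": "sts:AssumeRole"}]}

def _listify(value):
    return value if isinstance(value, list) else [value]

def _aws_principals(stmt):
    principal = stmt.get("Principal")
    return _listify(principal.get("AWS", [])) if isinstance(principal, dict) else []

def both_halves_present(identity, trust, source_arn, target_arn):
    """Simplified check: exact ARN matches only; ignores wildcards,
    Condition blocks and Deny statements, which real IAM also evaluates."""
    def allows(stmt):
        return (stmt.get("Effect") == "Allow"
                and "sts:AssumeRole" in _listify(stmt.get("Action", [])))
    can_call = any(allows(s) and target_arn in _listify(s.get("Resource", []))
                   for s in identity["Statement"])
    is_trusted = any(allows(s) and source_arn in _aws_principals(s)
                     for s in trust["Statement"])
    return can_call and is_trusted

def switch_role_url(target_arn, label):
    """Build the predefined Switch Role link from the target role ARN."""
    account = target_arn.split(":")[4]
    role_name = target_arn.split(":role/", 1)[1]
    query = urlencode({"account": account, "roleName": role_name,
                       "displayName": label})
    return "https://signin.aws.amazon.com/switchrole?" + query

if __name__ == "__main__":
    print(json.dumps(identity_policy(TARGET_ROLE), indent=2))
    print(json.dumps(trust_policy(SOURCE_ROLE), indent=2))
    print(switch_role_url(TARGET_ROLE, "prod-admin"))
```

Naming a single role ARN in both `Resource` and `Principal` keeps the grant to exactly one source and one target rather than a whole account.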
Once assumed, we'll be able to see a new label on the top bar to help us identify what role we are using:
Posted on 21/02/2023