Using Cross Account Access for multiple AWS Accounts

This tutorial shows how to access multiple AWS Consoles with a single IAM user, using the Cross Account Access facility of AWS.

Normally, we would sign in to each AWS Console with its customized IAM sign-in link. For 1 or 2 accounts that is acceptable. For a much larger number, it becomes difficult: you end up switching to private browsing or using multiple browsers, and handling all the accounts and their credentials gets complex. User management also grows, because each AWS account has its own IAM users, groups, and roles. This tutorial focuses on setting up Cross Account Access via the AWS Console (or AWS GUI, as some might prefer to call it).

I’ll be assuming the below variables in this blog post:

Main AWS Account ID: 1111111111
3rd Party AWS Account ID: 2222222222

In simpler terms, we will be using the IAM users of 1111111111 to access the resources of 2222222222.

Sounds Easy? Let’s get started.

Step 1:

Log in to the 2222222222 account Console and create an IAM role that lets IAM users of 1111111111 access resources of the 2222222222 account.

[Image: IAM Create Role]

Step 2:

Choose Role for Cross-Account Access and select “Provide access between AWS accounts you own”. Use ReadOnly access for testing purposes.

[Image: Create Cross Account Access]

Step 3:

Enter the Account ID of the main account, which is 1111111111, and proceed.

[Image: IAM Read Only Access]

Step 4:

Finish the role creation wizard.

Step 5:

Now log in to the 1111111111 account and click on the username with account ID in the top right corner of the webpage. Click “Switch Role”.

[Image: IAM Switch Role]

Step 6:

Click Switch Role, enter the values accordingly, and proceed.

[Image: Switch Role Details]

Step 7:

The page will refresh to the AWS Console Dashboard, with a change (in color) in the top right corner of the webpage.

[Image: Cross Account Access Role]

Step 8:

Verify the access by opening a service currently in use.

Using Cross Account Access for multiple accounts removes the hassle of maintaining multiple accounts and their credentials.


Comments are welcome. Cheers.

Next Up: Using AWS CLI for Cross Account Access