IAM Account Assume Role

The IAM account is used to provide a single point of entry to your AWS estate, you will always connect to this account first and then you are able to assume role in to accounts which have been configured to allow access from your IAM account.

Changing accounts is sometimes referred to as Assuming Role or Switching Account.

To do this, firstly login to your IAM account and then select “Switch Role” from the menu.

If you have not assumed role before you will be presented with another button, click this, it is titled “Switch Role”.

Enter the account number you would like to use, the role you have been issued to access this account and you can then enter a name for you to use this account again in future.

It is a good idea to use positive colours such as Green and Blue for non production accounts, and Red or Black for production accounts.

You are now in the account you wanted to change to, you can confirm this by clicking the account name (in green, above).

You’re all set.

What Next?

You might need to change your password, update your MFA device or assign yourself credentials for CLI access.