Skip to content
Discussion options

You must be logged in to vote

Hey @wataruian. While I'm setting up this for my own accounts to be able to provide a bit more specific guidance, I believe the steps that will get you to what you want are:

  1. Have a role in each member account that can be assumed from every other account (using the cross-account-iam-roles module we've got)
  2. Have a user group and IAM users in each member account and respective group with the permissions set to allow assuming those roles from step 1 in a different account (using the iam-groups module we've got here)

The guide I'm following for the above steps: https://docs.gruntwork.io/guides/reference-architecture/example-usage-guide/authenticate/authenticate-to-the-aws-web-console/.

Pleas…

Replies: 1 comment 2 replies

Comment options

You must be logged in to vote
2 replies
@wataruian
Comment options

@wataruian
Comment options

Answer selected by wataruian
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment