Skip to main content

How to assume a role on target account from login account using MFA Code?

Step 1: Run the following command and get the temporary credentials.

aws sts assume-role \
--role-arn arn:aws:iam::<TargetAccountId>:role/<RoleName> \
--role-session-name <RoleName> \
--serial-number arn:aws:iam::<LoginAccountId>:mfa/<LoginName> \
--token-code <6DigitMFACode>

Step 2: The temporary credentials include the following:
  • AccessKeyId
  • SecretAccessKey
  • SessionToken
  • Expiration date and time (this token is valid for 1 hour by default)
Copy these values and create a profile in %USERPROFILE%\.aws\credentials file as follows:

[PROFILE_NAME]
aws_access_key_id = <AccessKeyId>
aws_secret_access_key = <SecretAccessKey>
aws_session_token = <SessionToken>

Step 3: You can now use this profile to assume <RoleName> role in <TargetAccountId> account.
Labels:

Comments

Post a Comment

Popular posts from this blog

How to install/upgrade/downgrade kubectl in Linux (Ubuntu)?

To install the latest version: curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" echo "$(<kubectl.sha256) kubectl" | sha256sum --check sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl kubectl version --client kubectl version To install a specific (v1.19.0) version: curl -LO "https://dl.k8s.io/release/v1.19.0/bin/linux/amd64/kubectl" curl -LO "https://dl.k8s.io/v1.19.0/bin/linux/amd64/kubectl.sha256" echo "$(<kubectl.sha256) kubectl" | sha256sum --check sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl kubectl version --client kubectl version This will install kubectl client. Run minikube start to install kubectl server.
Post a Comment
Read more

Application Load Balancer (ALB)

The ALB spans all subnets in a VPC i.e., it is not inside a subnet but VPC. ALB is bound to Target Groups (TGs). TGs are bound to subnets.
Post a Comment
Read more