By using AWS re:Post, you agree to the Terms of Use
/How to access multiple roles from single IAM user simultaneously?/

How to access multiple roles from single IAM user simultaneously?

0

Can we access and use multiple roles from a single user simultaneously(using STS assumeRole api right now)? My use case requires creation of different roles which have their specific policies assigned, and I need a different way other than creating one user per role sort of like a multiple account access. Instead of creating 1 user per role, is there any way that a single user can access/assume resources of multiple roles/accounts simultaneously?

2 Answers
0

Technically, you can assume multiple IAM roles at the same time but the permissions will not be aggregated. Assuming an IAM role doesn't change who you are or what permissions you have.

When you assume a role, you are given a new set of temporary credentials to use, instead of "your" credentials -- the credentials you used to assume the role.

When interacting with AWS resources each request can only be associated with a singular principal. So, if you assume role1 and role2 you can make requests as role1 OR role2 but not as both together. So, if you are trying to perform a single action that requires an aggregate of the permissions of multiple roles, that's a not possible.

answered a month ago
0

Another approach could involve session policies. See: Create fine-grained session permissions using IAM managed policies.

EXPERT
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions