Roles - changing tag depending on user assuming the role
Hi,
My first question - https://repost.aws/questions/QUS8M4w0jkS8iV6EzPmaRmag/ssh-key-managment-for-multiple-accounts
Im trying to use "AWS system manager" - "session manager". As i was advised in my previous question, to be able to login into the EC2 instances located in multiple accounts, i will need to do something similar to https://aws.amazon.com/blogs/mt/vr-beneficios-session-manager/
But the problem is that i need to have for each IAM user their own user in EC2 instance, as i found out, i need to pass tag "SSMSessionRunAs" with the value of the username to witch im login in. But if i will use "group" roles (roles assigned for multiple users), they will be authenticating with the same user in EC2 instance, which will not work for me. Does that mean, that in my case i will need to create a role for each IAM user? or i can change tag of the role depending on the user assuming this role?
Thank you very much.
Joann
I can set tags, while assuming the role ---> https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html , so when user assumes the role, user also sets the tag, with value of user in EC2 instance.
Relevant questions
Specify Individual Instance In Trust Policy Of IAM Role
AWS-User-1977876asked 17 days agoUnable to delete IAM Role
vsarvothamasked 2 months agoWhich role do I have to use for the Fargate tasks on AWS Batch?
Accepted AnswerSDOneasked 5 months agoAWS Backup custom IAM role
alvarofernandezasked 3 years agoHow to assign role for a group of users
Accepted AnswerJoann Babakasked a month agoHow to use AWS cloudshell when assuming role?
AWS-MMasked 5 months agoChanging IAM Role on EC2 instance: Internal Error
JerryCasked 2 years agoIdentify in-built or default IAM Roles
Accepted AnswerSarvoasked 3 months agoSSM Automation - Download file from S3 - Assume Role
raithedavionasked a month agoRoles - changing tag depending on user assuming the role
Accepted AnswerJoann Babakasked 7 days ago