Signing into AWS to a different account


I currently have AWS configuration set up with my access key id and secret access key (i.e. I see this when going to 'aws configure' in the CLI). I then login through my company's OKTA to then access the AWS UI.

I've just been given access to a new AWS account (lets call it X) that I've been given access to AWS Single Sign-on (SSO) in OKTA for this new account.

What are the steps I need to take in order to access this new account (X)?

Also, I was told that when using SSO it'll give me the option to go to the Management Console or Programatic Access - the Programatic Access will show you iam access key and secret to use, but I still see the previously used account not account (X).

2 Answers

With the AWS SSO you have a page

With this page you can configure the SSO login for the cli:

After you have configured it, run: aws sso login --profile generated-profile-name to login. This will open a browser window and redirect you to okta to authenticate.

answered 2 years ago

You can have multiple profiles in the credentials/config files. If you want to store the additional keys do something like this:

aws configure --profile accountx

Then to use these credentials use the --profile in the command, like:

aws ec2 describe-instances --profile accountx

See: Named profiles for the AWS CLI.

profile pictureAWS
answered 2 years ago
  • Thanks @kentrad, but they didn't give me any additional secret or key, so how would I get those? I was told to log in via okta but when I do that I just see my previous account not the new account (X)

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions