- Newest
- Most votes
- Most comments
You will need your AWS access key and secret access key to run "aws sts assume-role".
Since that command is for ASSUME-role, it cannot be used without the information of the IAM user to receive the IAM role.
Attach a policy to the IAM user that allows the user to execute the "assemble-role".
The trust policy of the IAM role to which the asset-role is assigned must be configured for use by IAM users.
I think it is essential to create an access key and secret access key to use the service from outside AWS.
https://repost.aws/knowledge-center/iam-assume-role-cli
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_enable-create.html
Here some documentation on IAM Roles Anywhere.
- What is AWS Identity and Access Management Roles Anywhere?
- Extend AWS IAM roles to workloads outside of AWS with IAM Roles Anywhere
Docs above have examples of the trust policy that is need and the helper script for getting role credentials.
Relevant content
- asked a year ago
- Accepted Answerasked a year ago
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago