- Más nuevo
- Más votos
- Más comentarios
You will need your AWS access key and secret access key to run "aws sts assume-role".
Since that command is for ASSUME-role, it cannot be used without the information of the IAM user to receive the IAM role.
Attach a policy to the IAM user that allows the user to execute the "assemble-role".
The trust policy of the IAM role to which the asset-role is assigned must be configured for use by IAM users.
I think it is essential to create an access key and secret access key to use the service from outside AWS.
https://repost.aws/knowledge-center/iam-assume-role-cli
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_enable-create.html
Here some documentation on IAM Roles Anywhere.
- What is AWS Identity and Access Management Roles Anywhere?
- Extend AWS IAM roles to workloads outside of AWS with IAM Roles Anywhere
Docs above have examples of the trust policy that is need and the helper script for getting role credentials.
Contenido relevante
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 2 años