Double jump assume

chfrodin1 · January 15, 2021, 7:07pm

Hi!

So I’m trying to build an account vending machine for AWS using terraform.

The issue im having is, when creating a new account using AWS organizations there is a role created which trusts root account.

How would you give Terraform access to that role which trusts root account when the user for Terraform is on a Bastion account and not the root account where AWS Organizations is. (would be nice to just double jump using assume role, assume an assumable role)

Cheers!
Chris

tbugfinder · January 15, 2021, 9:54pm

I’m wondering if AWS SSO could get you out-of-the double assume-role requirement.

Topic		Replies	Views
Assume Role for access to another account with MFA AWS	0	397	August 16, 2019
Assume_role + S3 backend issue Terraform	3	1676	August 9, 2023
CrossAccount IAM Role in AWS Terraform	2	1111	June 18, 2020
Tf aws provider cannot assume role Terraform	0	350	August 2, 2020
Crossaccount IAM role stopped working with terraform AWS	1	125	October 16, 2024

Double jump assume

Related topics