i have account A , management account & account B. I am executing the automation from account A . i have access key and secret key for management account and role in account B which have trust realtionship ship with management account. How to create resource in account B from account A using management account as proxy ?
1 Like
You can achieve this by assuming the role in Account B through the management account. First, use the access key and secret key of the management account to assume the role in Account B using AWS STS. Then, use the temporary credentials obtained to create resources in Account B. Here’s the general approach:
- Use
sts:assumeRolefrom Account A with the management account’s credentials to assume the role in Account B. - Retrieve temporary credentials (Access Key, Secret Key, and Session Token).
- Use these credentials to create resources in Account B.
Ensure the IAM role in Account B has the necessary permissions and a trust relationship with the management account.
I believe this is an issue that could be resolved by AWS SSO, wouldn’t you agree?
you can use “assume_role” for this