Configure AWS IAM Role Chained
What is an AWS IAM Role Chained session
An AWS IAM Role Chained session represents an AWS role chaining access. Role chaining is the process of assuming a role starting from another IAM role or user.
An IAM role has some similarities to an IAM user. Roles and users are both AWS identities with permissions policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it.
A role does not have standard long-term credentials such as a password or access keys associated with it. Instead, when you assume a role, it provides you with temporary security credentials for your role session.
Role chaining occurs when you use a role to assume a second role through the AWS CLI or API, even in other accounts.
Refer to this guide to delegate access across AWS accounts using IAM Roles chaining.
How to configure an AWS IAM Role Chained in Leapp
- From the top bar, click on the plus icon to ass a new session.
- Select "Amazon AWS" as the Cloud Provider.
- Select "AWS IAM Role Chained" as the access method.
- Provide the required information (described in the next section).
- Click on the "Create Session" button.
| ||Your friendly session name in Leapp. Give it a meaningful name so it will be easier to find inside Leapp.|
| ||Your friendly session name in the AWS credential file. You will be able to reference it from the AWS CLI with |
| ||Your default region of choice. Select the one which you use the most for this Session.|
| ||Your IAM Role unique ID. The active Session will refer to this Role.|
| ||Your session name. You can query and search this on AWS Cloudtrail or any other linked audit service to find out what action were performed by the linked Identity.|
| ||Your session from which this Role will be assumed. The |