How to create an IAM Federated Role Access Method for AWS in Leapp

If this is your first time accessing Leapp, please follow this guide: First setup.

1) From your quick list, click the "+" button located in the top-right corner of the app.

You'll be presented with the Provider Selection screen:

2) Choose "AWS" as the Cloud Provider; then you'll be presented with the Access Strategy selection screen:

Select "IAM Federated Role" as the Access Method.

3) As the last screen you'll be presented with the actual account creation screen:

  • AWS Profile: here you can select (or add by writing and pressing ENTER) a named profile to use for this credential set; the base one is "default".
  • Session Alias: choose a unique name suitable to recognize the Access Method.
  • Role ARN: Grab the Role ARN from your AWS account (Go to IAM service → Roles, and check for the federated role).
  • Region: select the region you want to start your session in.
  • SAML 2.0 Url: here you can select (or add by writing and pressing ENTER) a SAML 2.0 URL to use with your Federated Account.
  • IdpARN: the IdP ARN, which you can recover by going into your AWS Account → IAM service → Identity Providers → Select your GSUITE federation → copy the ARN value.

Finally press Save.
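Before saving, it helps to confirm that the Role ARN and IdP ARN actually belong together. The following is an added example (not part of Leapp or its documentation): `check_federated_role` is a hypothetical helper that validates both ARN formats and checks that the role's trust policy lets that SAML provider call `sts:AssumeRoleWithSAML`. The account ID, role name, provider name and trust policy are constructed sample values.

```python
import re

# ARN shapes for an IAM role and an IAM SAML identity provider.
ROLE_ARN = re.compile(r"^arn:(aws|aws-cn|aws-us-gov):iam::\d{12}:role/[\w+=,.@/-]+$")
IDP_ARN = re.compile(r"^arn:(aws|aws-cn|aws-us-gov):iam::\d{12}:saml-provider/[\w.-]+$")

# Constructed sample values (not from any real account).
SAMPLE_ROLE_ARN = "arn:aws:iam::123456789012:role/leapp-federated-example"
SAMPLE_IDP_ARN = "arn:aws:iam::123456789012:saml-provider/GSuiteExample"
SAMPLE_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": SAMPLE_IDP_ARN},
        "Action": "sts:AssumeRoleWithSAML",
        "Condition": {"StringEquals": {"SAML:aud": "https://signin.aws.amazon.com/saml"}},
    }],
}


def _as_list(value):
    """IAM policy fields may hold a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def check_federated_role(role_arn, idp_arn, trust_policy):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    if not ROLE_ARN.match(role_arn):
        problems.append("Role ARN is not an IAM role ARN")
    if not IDP_ARN.match(idp_arn):
        problems.append("IdP ARN is not an IAM SAML provider ARN")
    # A federated role needs an Allow statement naming this provider as the
    # Federated principal with the sts:AssumeRoleWithSAML action.
    for stmt in _as_list(trust_policy.get("Statement", [])):
        principal = stmt.get("Principal", {})
        federated = _as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if (stmt.get("Effect") == "Allow"
                and "sts:AssumeRoleWithSAML" in _as_list(stmt.get("Action", []))
                and idp_arn in federated):
            return problems
    problems.append("trust policy does not allow this provider to use sts:AssumeRoleWithSAML")
    return problems


if __name__ == "__main__":
    print(check_federated_role(SAMPLE_ROLE_ARN, SAMPLE_IDP_ARN, SAMPLE_TRUST_POLICY) or "OK")
```

The trust policy passed in is the role's `AssumeRolePolicyDocument`, as returned by `aws iam get-role`.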