
AWS IAM Roles

AWS IAM Federated Role

Federation is established between an identity provider (G Suite, Okta, OneLogin, or AzureAD) and AWS, so no more AWS credentials management is needed.

Leapp lets you access cloud resources with your company email and password.

AWS IAM Role Access Schema
AWS IAM Federated Role Access Use Case

See setup tutorial

AWS IAM Chained Role

Access to an AWS account role via another AWS account role or an IAM user, thanks to a cross-account role available via STS.

In this access strategy, an IAM Chained Role is assumed by an IAM User, an IAM Federated Role, or an AWS SSO Role.

AWS IAM Chained Role from IAM User Access Schema
AWS IAM Chained Role from IAM Federated Role Access Schema
AWS IAM Chained Role from AWS SSO Role Access Schema
AWS IAM Chained Role Access Use Case

See setup tutorial

Note: it's possible to apply MFA to a truster session by setting it on the plain account it relies on.
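The two access strategies above can be told apart from a role's trust policy, which is also where AWS can enforce MFA for a chained role. The following is an added example, not Leapp code: it classifies trust policies as federated or chained and reports whether MFA is actually required. It assumes SAML federation and the `aws:MultiFactorAuthPresent` condition key; the helper names, account id, IdP name and user name are placeholders.

```python
def _as_list(value):
    return value if isinstance(value, list) else [value]

def _requires_mfa(condition):
    # Only plain "Bool" enforces MFA on an Allow statement; "BoolIfExists"
    # evaluates to true when the key is absent from the request context.
    for op, keys in condition.items():
        if op.lower() != "bool":
            continue
        for key, val in keys.items():
            if key.lower() == "aws:multifactorauthpresent":
                return all(str(v).lower() == "true" for v in _as_list(val))
    return False

def classify_trust(policy):
    """Return one finding per Allow statement of a role trust policy."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        principal = stmt.get("Principal", {})
        if principal == "*":
            principal = {"AWS": "*"}
        if "Federated" in principal and "sts:assumerolewithsaml" in actions:
            kind, callers = "federated", _as_list(principal["Federated"])
        elif "AWS" in principal and "sts:assumerole" in actions:
            kind, callers = "chained", _as_list(principal["AWS"])
        else:
            kind, callers = "other", []
        findings.append({"kind": kind, "callers": callers,
                         "mfa_required": _requires_mfa(stmt.get("Condition", {}))})
    return findings

def _stmt(principal, action, condition):  # builds a constructed sample policy
    return {"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
            "Principal": principal, "Action": action, "Condition": condition}]}

# Constructed samples; account id, IdP name and user name are placeholders.
FEDERATED = _stmt({"Federated": "arn:aws:iam::111111111111:saml-provider/ExampleIdP"},
                  "sts:AssumeRoleWithSAML",
                  {"StringEquals": {"SAML:aud": "https://signin.aws.amazon.com/saml"}})
CHAINED_MFA = _stmt({"AWS": "arn:aws:iam::111111111111:user/example-user"},
                    "sts:AssumeRole", {"Bool": {"aws:MultiFactorAuthPresent": "true"}})
CHAINED_WEAK = _stmt({"AWS": "arn:aws:iam::111111111111:root"}, "sts:AssumeRole",
                     {"BoolIfExists": {"aws:MultiFactorAuthPresent": "true"}})

if __name__ == "__main__":
    for name, pol in [("federated", FEDERATED), ("chained+mfa", CHAINED_MFA),
                      ("chained weak", CHAINED_WEAK)]:
        print(name, classify_trust(pol))
```

`CHAINED_WEAK` is reported as not requiring MFA because `BoolIfExists` lets a caller through when the MFA key is missing from the request.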
