How to Use AWS CLI to Assume an IAM Role
How to Use AWS CLI to Assume an IAM Role when the only access you have is read-only access to describe EC2 instances
Working with permissions in a cloud environment can be challenging, especially if your AWS environment has multiple accounts and deployments in different regions.
In this blog post, we’ll focus on a practical use case: using the AWS CLI to assume an IAM role.
As an example, you will execute a demo that shows how to list the RDS instances, even when your user permissions are limited to listing EC2 instances.
This step-by-step guide will equip you with the foundational knowledge needed to leverage IAM permissions and assume a role.
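The end state this demo builds toward, as an added example that is not part of the original post: a small set of shell helpers that call `aws sts assume-role`, load the temporary credentials into the current shell only if all three values came back, and drop them afterwards. The role ARN (account ID and role name) is a placeholder and the function names are hypothetical; it assumes the base user's credentials live in a CLI profile, not in environment variables.

```shell
# Added example, not from the original post.
# Placeholder ARN: the account ID and role name are assumptions.
ROLE_ARN="arn:aws:iam::111122223333:role/rds-read-only-demo"

# Load one line of "AccessKeyId SecretAccessKey SessionToken" (the text output
# of the --query used in assume_role below) into the environment.
# Rejects anything but exactly three fields, so a failed or truncated call
# never leaves a half-set credential environment behind.
load_role_creds() {
  read -r _key _secret _token _extra <<EOF
$1
EOF
  if [ -z "$_key" ] || [ -z "$_secret" ] || [ -z "$_token" ] || [ -n "$_extra" ]; then
    unset _key _secret _token _extra
    echo "assume-role returned no usable credentials" >&2
    return 1
  fi
  export AWS_ACCESS_KEY_ID="$_key"
  export AWS_SECRET_ACCESS_KEY="$_secret"
  export AWS_SESSION_TOKEN="$_token"
  unset _key _secret _token _extra
}

# Assume the role with the shortest session STS allows (900 seconds).
# $1 = role ARN, $2 = session name (it appears in CloudTrail for the session).
assume_role() {
  _out=$(aws sts assume-role \
    --role-arn "$1" \
    --role-session-name "${2:-cli-demo}" \
    --duration-seconds 900 \
    --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' \
    --output text) || return 1
  load_role_creds "$_out"
}

# Return to the base identity by removing the temporary credentials.
drop_role_creds() {
  unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
}

# Usage (needs a configured AWS CLI and an existing role):
#   aws rds describe-db-instances     # denied for the EC2-only user
#   assume_role "$ROLE_ARN" rds-demo
#   aws sts get-caller-identity       # Arn now shows assumed-role/...
#   aws rds describe-db-instances     # allowed by the role's policy
#   drop_role_creds
```

Source the file into an interactive shell so the exported variables reach later `aws` commands.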
Pre-Requisites
To run this demo, make sure you have configured a user with administrator access, in either the AWS console or the AWS CLI, to keep things simple.
You can use the guide "Create an IAM user for workloads" as a helper.
Create an IAM user with policy permissions
- Create an IAM user from the AWS CLI with the following command.
This example creates a user named automation.
aws iam create-user --user-name automation