How to Easily Switch IAM Roles Between Accounts
Learn how to switch between multiple AWS account roles using the aws-extend-switch-roles browser extension. Just follow the step-by-step instructions for installing the extension, configuring it with your AWS accounts, and using it to switch roles seamlessly.
Problem
Your company uses a dozen or more AWS accounts with multiple roles. The AWS Web Console only remembers the last 5 roles you used. This gets old really quick and you want a better UX switching roles into AWS accounts.
Solution
The aws-extend-switch-roles browser extension can be used to switch roles across many accounts easily from the browser.
-
Refer to the aws-extend-switch-roles documentation to install the extension on the browser of your choice.
-
Follow the AWS CLI Access procedure to set up your local workstation and access the Geodesic shell.
-
Enter the Geodesic Shell
-
If the option is available, run the
aws-accounts gen-switch-rolescommand to save theaws-extend-switch-rolesconfiguration to your home directory.⨠ aws-accounts gen-switch-roles > /localhost/aws-extend-profiles -
If not, use this workaround
⨠ aws-accounts gen-saml | \
grep -v source_profile | \
grep admin -C 1 | \
grep -v '\-\-' > /localhost/aws-extend-profiles -
If no
aws-accountsuse thisaws-gen-config⨠ aws-gen-config | \
grep -v source_profile | \
grep admin -C 1 | \
grep -v '\-\-' > /localhost/aws-extend-profiles
-
-
In your browser, left-click the
aws-extend-switch-rolesextension (light-blue icon with a key) and click on theConfigurationoption. -
Open
~/aws-extend-profilesin your home directory, copy its contents, and paste it into the form, then clickSave. -
Follow the AWS Sign-In Procedure to open the AWS Console.
You should now be able to switch IAM roles across accounts by clicking the extension in your browser and selecting the desired IAM role.
See the official extension docs for more configuration options.