AWS Security Blog

Tag: AssumeRole

AWS CloudTrail Now Tracks Cross-Account Activity to Its Origin

You can use AWS Identity and Access Management (IAM) roles and AWS Security Token Service (STS) to set up cross-account access between AWS accounts. When you assume an IAM role in another AWS account to obtain cross-account access to services and resources in that account, AWS CloudTrail logs the cross-account activity. Starting today, CloudTrail logs […]

Read More

How to Use External ID When Granting Access to Your AWS Resources

When you need to grant access to your AWS resources to a third party, we recommend you do so using an IAM role with external ID. In this post, Josh Bean, a programmer writer on the AWS Identity and Access Management (IAM) team, walks you through a scenario to show you how. At times, you […]

Read More