Due to that some tasks require root user credentials, from time to time we need to login into an AWS account as root, e.g removing a misconfigured S3 bucket policy which denies all principals. Conventionally, we login into the account from the AWS login console with root user email, password and MFA. Now, there is … Continue reading How to assume root user of an AWS account?
A couple years back I wrote a post to share how to create AWS instance profile for on-premise servers. That was to use SSM agent and Lambda function to manage the IAM credentials for the on-premise servers. Starting early this month, the AWS native solution for such use cases are available - AWS IAM Role … Continue reading AWS IAM Roles Anywhere
Question: Using the credentials for one IAM role 1 to assume a different IAM role 2, what is the maximum duration of the new credentials? A. Same as Role 1B. Same as Role 2C. Same as the role (1 or 2) which has longer maximum duration D. Same as the role (1 or 2) which … Continue reading AWS IAM Role Chaining
It was painful that you are unable to change the instance profile for existing EC2 instance. A good news is that you CAN now via AWS CLI!! Here is a step by step example.
Jackie Chen's IT Workshop 