How to achieve cross-account access.
- Create an IAM user in account A.
- Create an IAM role in account B.
- Allow
sts:AssumeRolefrom A in the trust policy of the IAM role. - Allow
sts:AssumeRolefor B’s IAM role in the IAM user’s IAM policy.
How to use external ID.
- A unique external ID is issued for each link registration with a third-party service.
Comments