AWS SAP exam preparation information summary


How to achieve cross-account access.

  1. Create an IAM user in account A.
  2. Create an IAM role in account B.
  3. Allow sts:AssumeRole from A in the trust policy of the IAM role.
  4. Allow sts:AssumeRole for B’s IAM role in the IAM user’s IAM policy.

How to use external ID.

  • A unique external ID is issued for each link registration with a third-party service.


Copied title and URL