Multiple Account Switching via AWS Console
Hi Gruntwork team! I would like to ask a question regarding switching of accounts using AWS Console. Let’s say I logged in to AWS Console of `security` account using my IAM user and I want to switch to `stage` account and vice-versa. I can’t seem to it do it from there, but if I logged in from the `"master"` account I can switch to all accounts (dev, stage, prod, logs, security, shared) just fine. Is it possible to switch from a member account to another member account and vice-versa? If yes, what are the necessary permissions/steps in order to do so. Thanks in advance! <img width="365" alt="Screen Shot 2022-01-28 at 2 41 11 PM" src="https://user-images.githubusercontent.com/32057659/151736265-3295a711-2239-4b87-8aab-fe1bf48057f4.png"> r:terraform-aws-security
Hey @wataruian. While I'm setting up this for my own accounts to be able to provide a bit more specific guidance, I believe the steps that will get you to what you want are: 1. Have a role in each member account that can be assumed from every other account (using the `cross-account-iam-roles` module we've got) 1. Have a user group and IAM users in each member account and respective group with the permissions set to allow assuming those roles from step 1 in a different account (using the `iam-groups` module we've got here) The guide I'm following for the above steps: https://docs.gruntwork.io/guides/reference-architecture/example-usage-guide/authenticate/authenticate-to-the-aws-web-console/. Please let me know if this makes sense!