Skip to the content.
AWS Solutions Architect - Associate

Advanced IAM

AWS STS - Security Token Service

Using STS to Assume a Role

  1. Define an IAM Role within an account or cross-account
  2. Define which principals can access this IAM Role
  3. Use AWS STS to retrieve credentials and impersonate the IAM Role you have access to (AssumeRole API)
  4. Temporary credentials will be valid for 15 minutes up to 1 hour