Assume Role

Assuming a role means asking Security Token Service (STS) to provide you with a set of temporary credentials – role credentials – that are specific to the role you want to assume. (Specifically, a new “session” with that role.)

You can optionally include a policy with this request, which will serve to limit the permissions of the temporary credentials to only a subset of what the role’s policies would have allowed.


Assume an IAM role: AWS CLI, AWS STS (Security Token Service), Assume Role API Call, AWS Management Console