ℹ️ When creating the OperatorUser, no permissions are initially assigned. To enable the OperatorUser to assume the AdminRole, specific permissions must be granted to allow this role transition.
Once the IAM Role AdminRole and IAM User OperatorUser have been created, follow these steps to configure the necessary permissions:
To grant the required permissions, proceed with the following:
⚠️ The inline policy is assigned directly to the specific IAM User and will not be shared with other IAM Users.
Configure the policy by following these steps:
<ACCOUNTID>
with your actual account ID, and confirm that the AdminRole role has been previously created.{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Action": "sts:AssumeRole",
"Resource": "arn:aws:iam::<ACCOUNTID>:role/AdminRole"
}
}
Name the inline policy AllowSwitchAdminPolicy
.
Click Create Policy.