AWS allows users to impersonate roles by using AssumeRole. In the below, user dev01 is allowed to assume the role of BackendDev.

image.png

Running aws sts assume-role --role-arn <arn to assume> --role-session-name <nickname for the credential file>

image.png

Using the AccessKeyId, SecretAccessKey, and SessionToken, create a new configuration to use with AWS CLI

aws configure --profile <profile name>

aws configure set aws_session_token <token> --profile <profile name>

export AWS_DEFAULT_PROFILE=<profile name

image.png

Confirm role assumption with aws sts get-caller-identity

image.png