Security Token Service (STS) Role Authentication Using an Admin Account Access Resource Name (ARN)

Updated

On this page

You can configure a virtualization client (hypervisor) for Amazon Web Services (AWS) for STS role authentication, if the access node and the guest instance are in the same Amazon account.

STS role authentication allows an Amazon admin IAM user/role to assume the permissions of an Amazon tenant IAM user/role. You can use the following deployment methods:

  • Single account: The access node and the guest instance can be in the same Amazon account.

  • Multi-account: The access node and the guest instance can be in separate Amazon accounts.

Using Resources from an Admin Account