1. If using Google Chrome, open a new tab in your browser. For other browsers, open Gmail.

2. On the top-right, click to open all Google Apps connected to your organisation.

3. Then select “Amazon Web Services” at the very bottom.

4. If you have multiple Roles attached to your user, select one to use for the session and click “Sign In”.

5. After login, you will see the AWS Console. To see workloads, you need to Switch Role (sometimes called “Assume Role”) into the account you would like to access.

6. On the top-right corner, click on your role/email:

7. And then click on “Switch Role”.

8. Enter the new role you would like to switch to:

The AWS account number can be found in the documentation of your AWS foundation. Search for a Git repository called infra-<organisation_name>-root and check the README.md file. It will have a table with all account numbers and roles available.

The Role follows the pattern:

<organisation_name>-<account_name>-<role_name>

Where:

  • organisation_name is the name of your company.

  • account_name is the AWS account you are switching to. Usually prod, nonprod, mgmt, labs, etc.

  • role_name needs to match the same name you selected during the SSO phase (step 2 of this tutorial).

After you log in, the role will be recorded in your browser, so next time you need to switch roles, you can click directly on the role shown under “Role History” as per step 3 above.
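The Switch Role form can also be pre-filled through the AWS console's switch-role link. The following is an added example, not part of the original tutorial or of any project tooling: it composes the role name from the pattern above, rejects malformed input, and builds that link. The organisation `acme`, the role `admin`, and the account number are constructed sample values.

```python
import re
from urllib.parse import urlencode

# AWS account IDs are exactly 12 digits and may start with zeros,
# so they must be handled as strings, never as integers.
ACCOUNT_ID_RE = re.compile(r"\d{12}")
# Characters and length IAM accepts in a role name.
ROLE_NAME_RE = re.compile(r"[A-Za-z0-9_+=,.@-]{1,64}")


def build_role_name(organisation_name, account_name, role_name):
    """Compose <organisation_name>-<account_name>-<role_name>."""
    parts = (organisation_name, account_name, role_name)
    if not all(parts):
        raise ValueError("organisation, account and role names are all required")
    full = "-".join(parts)
    if not ROLE_NAME_RE.fullmatch(full):
        raise ValueError(f"not a valid IAM role name: {full!r}")
    return full


def switch_role_url(account_id, organisation_name, account_name,
                    role_name, sso_role_name):
    """Return a console link that pre-fills the Switch Role form."""
    if not isinstance(account_id, str) or not ACCOUNT_ID_RE.fullmatch(account_id):
        raise ValueError("account_id must be a 12-digit string (keep leading zeros)")
    # The tutorial requires role_name to equal the role chosen at SSO sign-in.
    if role_name != sso_role_name:
        raise ValueError("role_name must match the role selected during SSO")
    query = urlencode({
        "account": account_id,
        "roleName": build_role_name(organisation_name, account_name, role_name),
        "displayName": f"{account_name}-{role_name}",
    })
    return f"https://signin.aws.amazon.com/switchrole?{query}"


if __name__ == "__main__":
    # Constructed sample values; take real ones from the README.md table.
    print(switch_role_url("000123456789", "acme", "nonprod", "admin", "admin"))
```

Open the printed link while signed in through SSO; the console still asks you to confirm the switch.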