Overview
An AWS Role is used for Delegation of Permissions to AWS Resources. AWS Roles allow you to delegate access with defined permissions to trusted entities without having to share long-term access keys. You can use IAM roles to delegate access to IAM users managed within your account, to IAM users under a different AWS account, or to an AWS service such as EC2.
Assigning an AWS Role to an AWS user asks for the 12-digit AWS Account number (842773767659). The number is found within the URI/URN of each resource within the account. By default, it appears to assign the permission to the "root" account.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::842773767659:root"
      },
      "Action": "sts:AssumeRole",
      "Condition": {}
    }
  ]
}
So can the value be replaced with any URN for a single user? arn:aws:iam::842773767659:user/developer1
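An added example, not part of the original page: a small Python audit that reads a role trust policy such as the one above and reports whether each Principal entry covers a whole account or a single identity. A user ARN like the one in the question is an accepted Principal value; the function names and scope labels here are assumptions made for this illustration.

```python
import json
import re

# Trust policy from this page, reproduced as the sample input.
PAGE_POLICY = """
{"Version": "2012-10-17",
 "Statement": [{"Effect": "Allow",
                "Principal": {"AWS": "arn:aws:iam::842773767659:root"},
                "Action": "sts:AssumeRole",
                "Condition": {}}]}
"""

_IAM_ARN = re.compile(r"arn:aws:iam::(\d{12}):(root|user/.+|role/.+)")

def classify_principal(value):
    """Return (scope, account_id) for one Principal.AWS entry."""
    if value == "*":
        return "anyone", None
    if re.fullmatch(r"\d{12}", value):      # bare account ID is shorthand for :root
        return "whole-account", value
    m = _IAM_ARN.fullmatch(value)
    if m is None:
        return "unrecognized", None
    account, resource = m.groups()
    if resource == "root":                  # the account as a whole, not one identity
        return "whole-account", account
    return "single-" + resource.split("/")[0], account

def as_list(x):
    return x if isinstance(x, list) else [x]

def audit_trust_policy(policy_text):
    """List who each Allow statement lets call sts:AssumeRole."""
    findings = []
    for stmt in as_list(json.loads(policy_text)["Statement"]):
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        if stmt.get("Effect") != "Allow" or "sts:assumerole" not in actions:
            continue                        # wildcard actions are not expanded here
        principal = stmt.get("Principal", {})
        entries = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        for entry in entries:
            scope, account = classify_principal(entry)
            findings.append({"principal": entry, "scope": scope, "account": account,
                             "has_condition": bool(stmt.get("Condition"))})
    return findings

if __name__ == "__main__":
    user_arn = "arn:aws:iam::842773767659:user/developer1"   # ARN asked about above
    narrowed = PAGE_POLICY.replace("arn:aws:iam::842773767659:root", user_arn)
    for text in (PAGE_POLICY, narrowed):
        print(audit_trust_policy(text))
```

A "whole-account" finding with no condition means any identity in that account that has been granted sts:AssumeRole on the role can assume it, which is the case to review first.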