Extend your AWS IAM switching roles. You can set the configuration like aws config format
Switch roll history does not remain only five maximum on the AWS Management Console. This extension gives you show all of switch roles from a browse menu by loading your aws configuration. ## Configuration Supports ~/.aws/config format and like ~/.aws/credentials ### Simple Configuration The simplest configuration is for multiple **target roles** when you always intend to show the whole list. **Target roles** can be expressed with a `role_arn` or with both `aws_account_id` and `role_name`. #### Optional parameters * `color` - The RGB hex value (without the prefix '#') for the color of the header bottom border and around the current profile. * `region` - Changing the region whenever switching the role if this parameter is specified. * `image` - The uri of an image to use on top of any color attribute supplied. The color and image are not mutually exclusive. ``` [profile marketingadmin] role_arn = arn:aws:iam::123456789012:role/marketingadmin color = ffaaee [anotheraccount] aws_account_id = 987654321987 role_name = anotherrole region=ap-northeast-1 [athirdaccount] aws_account_id = 987654321988 role_name = athirdrole image = "https://via.placeholder.com/150" ``` ### Complex Configuration More complex configurations involve multiple AWS accounts and/or organizations. - A profile that has only `aws_account_id` (without a `role_name`) is defined as **base account**. - **If your account is aliased, the alias will be shown in the role dropdown after 'Account:'. You MUST use that alias as the aws_account_id for the base account instead of the numerical account id or your configuration won't work as expected.** - A **target role** is associated with a **base account** by the **target role** specifying a `source_profile`. - As above, **target roles** can be expressed with a `role_arn` or with both `aws_account_id` and `role_name` and can optionally pass the optional parameters. - If `target_role_name` is set in **base account**, the value is provided as the default role name for each **target roles**. ``` [organization1] aws_account_id = your-account-alias [Org1-Account1-Role1] role_arn = arn:aws:iam::123456789012:role/Role1 source_profile = organization1 [Org1-Account1-Role2] aws_account_id = 123456789012 role_name = Role2 source_profile = organization1 [Org1-Account2-Role1] aws_account_id = 210987654321 role_name = Role1 source_profile = organization1 [baseaccount2] aws_account_id = 000000000000 [Base2-Role1] role_arn = arn:aws:iam::234567890123:role/Role1 source_profile = baseaccount2 [AnotherRole] role_name = SomeOtherRole aws_account_id = account-3-alias ; ; target_role_name example ; [Org2-BaseAccount] aws_account_id = 222200000000 target_role_name = Developer [Org2-Account1-Developer] aws_account_id = 222200001111 source_profile = Org2-BaseAccount [Org2-Account2-Manager] aws_account_id = 222200002222 role_name = Manager ; overrides target role name source_profile = Org2-BaseAccount ``` If you sign-in a base account, target roles of the other base accounts are excluded. The 'Show only matching roles' setting is for use with more sophisticated account structures where you're using AWS Organizations with multiple accounts along with AWS Federated Logins via something like Active Directory or Google GSuite. Common practice is to have a role in the master account that is allowed to assume a role of the same name in other member accounts. Checking this box means that if you're logged in to the 'Developer' role in the master account, only member accounts with a role_arn ending in 'role/Developer' will be shown. You won't see roles that your current role can't actually assume.
- (2020-10-26) Gert van den Berg: No 5 account limit like the AWS UI. Needs quite a bit of tweaking on the config currently (see issue 171 on Github) to get my config to work... (my config is based on the settings to get the CLI MFA to work for everything other than the default profile)
- (2020-10-01) Martyn Russell: Love it. Makes life so much easier. Surprised AWS doesn't have this already.
- (2020-09-28) Collin Erickson: Good work updating due to aws update!
- (2020-09-25) Leyton Reed: Deserves waaay more love than it gets :D
- (2020-09-25) Rurui Ye: The plugin is great, but aws just change their nav bar style, and the plugin doesn't work anymore.
- (2020-09-25) Peter Wiseman: Wonderful extension. Makes working with multiple accounts and multiple roles usable. The developer has been very responsive to address issues when AWS update the UI. And AWS have recognised the value of this extension.
- (2020-09-24) Andrew C: Absolutely essential when managing multiple accounts & roles
- (2020-09-24) Jinggo Villamor: Hi there. Is this compatible with the latest AWS console UI update?
- (2020-09-23) Sheng Tian: Love this. It's broken now as AWS just changed their switch org UI
- (2020-09-23) Chris Gibson: Must have extension for AWS users.
- (2020-09-23) Kyle Laverty: This is a very well done extension. Simple, to the point and blends easily into the AWS UI.
- (2020-09-23) Kratos Adamas: AWSome extension! The latest UI update seems to have broken this. Are there any plans to update this to work with the new update?
- (2020-09-23) Brent Harrison: If you use AWS with multiple roles/accounts, you *need* this plugin.
- (2020-09-18) Mathieu Marcoux: Giving it 5 star even if it broke today - The extension works beautifully although on sept 18th AWS did an UI update and it's not working anymore. Thanks for checking it out!
- (2020-09-18) Tyrone Meijn: This is a must have, no doubt about that. The guy is also superresponsive on Github! 🧡
- (2020-09-18) Denis Semenenko: Great extension! Shame to AWS they don't have this out of the box.
- (2020-09-18) Tim Schill: A must have plugin for anyone handling more then 5 AWS accounts. Great plugin thank you!
- (2020-09-18) Harry Papadopoulos: One of the must have extensions if you work with multiple AWS accounts. Works great and is dead easy to configure.
- (2020-09-17) Jared Kauppila: Incredibly useful extension that really simplifies the workflow when working with many AWS accounts.
- (2020-09-17) Jonathan Flowers: This is by far the most useful Chrome extension I use in my day-to-day work. It solves a huge problem with the native AWS console experience which (for some reason) only limits you to quick-switch between the last five roles. We have a dozen or more roles at any one time so being able to switch to any of them quickly is extremely helpful.
- (2020-09-17) Michael Hart: This plugin is a life-saver when managing many AWS accounts and roles.
- (2020-08-25) Eugene Glotov: I expected the roles to be available from the extension bar. The extension provides an interface similar to something AWS already has with some improvements. That's nice, but is not really helpful.
- (2020-02-25) Jason Gay: superb - just works!
- (2020-01-24) John Paulo Rodriguez: Very Useful! Thank you!
- (2019-11-20) Bách Huỳnh Văn: Awesome extension! I love it!
- (2019-11-13) Tyler Sustare: Super duper when using
- (2019-11-06) Sathurjan: Its very useful extension for AWS Admin !! Really love it - Powerful tool
- (2019-11-04) Martin Bachmann: Surely useful, but on a general note, a third-party browser plugin which has full access to your AWS console should make everybody at least a bit nervous. A plugin can modify a page and interact with it as it sees fit. And quite a few times plugins were targeted by hackers - imagine the implications here. (Don't get me wrong, the author is surely doing a great job and will hopefully ensure the plugin access remains firmly in his hands).
- (2019-08-25) Robert J: My dude or dudette, you are my hero!
- (2019-08-20) Jason Harris: Seriously, the most useful extension I have. By far. It saves me thousands of keystrokes.
- (2019-07-25) Justin Rice: SO MUCH TIME SAVED
- (2019-07-12) Carlo Mencarelli: Great for segmented AWS orgs. Straightforward and easy to setup.
- (2019-06-27) Emre Odabas: Using this over a year and this is by far the most useful addon for an AWS user.
- (2019-06-26) 唐守滨: awesome extension tool, found long time.
- (2019-06-24) Manuel de Paz: Extensión imprescindible cuando gestiones varias cuentas de AWS. Permite tener más de 10 cuentas en la lista y facilita los assumeRole.
- (2019-05-06) Agapito Di Sousa: Esta extensión me ha cambiado la vida no la he probado ni se lo que hace pero descarguenla es muy buena
- (2019-01-30) Excellent tool!!! I manage close to 200 AWS accounts, and this tool is perfect!!!
- (2018-12-14) John Jones: AWS should just buy this and make it the standard for role switching
- (2018-11-15) Asfand Qazi: The perfect extension! Does one job, no ads, and does it really well. Would happily donate if I didn't have to pay a £4 fee with the £5 donation - thanks PayPal.... :(
- (2018-10-30) John Heller: Super useful, especially if you have to deal with multiple accounts and related cross-account roles. It's clever enough to show you just the relevant roles. I like being able to set the region too.
- (2018-10-15) Murat Tasova: very usefull, thanks. No dont have to remember the all the account names and are able to switch fast,
- (2018-10-06) Adrian Amoroso: What AWS should have done from the start. Nice work!
- (2018-09-24) cheesejunkfunk: This does everything I need it too, and it saves me a lot of time.
- (2018-09-08) Dorance Martinez Cortes: Thanks, is simple to use, only copy paste the credentials file and can change easily between roles.
- (2018-06-19) Max Allan: Why have I only just found this plugin? My life is now so much easier. Thank you!!
- (2018-05-07) voll cool
- (2018-04-27) Doug Copestake: Just being able to automatically switch region is a life saver. Thanks!
- (2018-02-13) Pavel Malinov: love it
- (2018-01-11) Jonathan Strohl: I'm totally in love! Thank you thank you thank you thank you thank you thank you thank you! Did I say thank you? Exactly what I have needed for so long. This will save me so much time and headache. It's insane that AWS hasn't improved this yet in the default web app.... I love how much control this extension gives, including ability to hide original history, complete color control instead of limiting you to just 5, control over order of entries, support for multiple accounts and even organizations. Superb job! Again, thank you. I'm so grateful.
- (2018-01-03) Scott Baxter: Fantastic. Exactly what is needed if you have more than 5 accounts and/or roles. No idea why AWS still limits to only 5, it's clearly not a hard limit by the drop down. Also super helpful that you can copy paste roles used by multiple users, or if you use multiple computers.
- (2021-08-14, v:2.1.1) Максим Бурцев: Failed to add more lines to config
My config includes 169 roles and 869 lines now and looks like I cannot add any more roles as I get "QUOTA_BYTES_PER_ITEM quota exceeded" as I try to save the config with more roles. Are there any solutions to increase the limit?
- (2021-06-11, v:2.1.1) Dean Halbeisen: Cannot get extension to work on Chrome or Firefox on IMac running Big Sur 11.4
How can I further trouble shoot the extension not working on my Imac. I have even tried copying a working configuration from a windows host and it will still not list the accounts while being logged into the correct account on the management console. Thanks!
- (2021-04-19, v:2.1.0) Eloisa Ibáñez León: Does the pluging supports sso_* configuration parameters?
Does the plugin supports sso parameters included in aws-cli 2? https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html https://docs.aws.amazon.com/credref/latest/refdocs/settings-global.html sso_start_url, sso_region, sso_account_id, sso_role_name
- (2020-09-28, v:2.0.3) Tom Lynch: config file from previous release
Is there anyway to recover the configuration file from the verison before v2.0.3? I had a lot of setup in that file and now it is gone and I was wondering if anyone knows how to get the previous file back to then migrate into the new version
- (2020-09-25, v:0.15.0) disuan netsirininkul: Is it compatible with MicrosoftEdge?
I have tried to install this extension in MicrosoftEdge since it's able to install Chrome extension but it didn't work as expected.
- (2020-09-25, v:0.15.0) Sivanesan TamilMani: All of sudden plugin stopped working
AWS have changed the UI, and all of sudden the plugin stopped working.
- (2020-09-23, v:0.15.0) Rob Weaver: Is it possible to get the updated style for the new UX ?
It's a bit jarring to see the account information with a white background and dark text on the black background that AWS has changed the style to.
- (2020-09-23, v:0.15.0) Harikrishna Kammadanam: for the past week its only showing 4 recent roles, but I have 20 roles to switch they are not visible anywhere
for the past week its only showing 4 recent roles, but I have 20 roles to switch they are not visible anywhere, I have the config file and also from GUI I have updated with the role config info.. it used to work just fine, but for the past 1 week I am not able to see many roles but just 4 recent roles . How can I fix this
- (2020-09-23, v:0.15.0) thies zen: Generating configuration file
I created a simple script that will retrieve all accounts in an AWS configuration and generate the AWS Extend Switch Role configuration file. This is especially useful when you have a lot of accounts to manage. Perhaps it helps someone, you can find it here: https://gist.github.com/thiezn/336166becd0a47897372591d4f25a9d0 If you want to use different role names/colours per account you can do this yourself in the generate_account_details() function.
- (2020-09-23, v:0.15.0) Sergio Cruzado Rosell: when use colors, is difficult to distinguish the text.
I am using colours to differenciate the aws accounts. If the background is black, as the text is also black y cannot see in which account i am logged in. with others colours the contrast also does not allow to read clearly the text
- (2020-09-16, v:0.15.0) Ben Tucker: after AWS console update it doesn't work :-(
The new themed AWS console is beautiful, but it broke this extension. I have about 40 accounts, the drop down menu is all screwed up and has some garbage chars in it.
- (2020-08-03, v:0.15.0) Jonathan Bedford: AWS Extend Switch Roles - security risks
- (2020-02-28, v:0.14.0) Rurui Ye: any plan to support China aws?
the url is different: https://amazonaws.cn/
- (2019-09-19, v:0.14.0) shobhit srivastava: Failed to save bacause the number of profiles exceeded maximum 200!
Hello Team, Thanks for creating such cool tool for easy switch role between accounts. But while I am exceeding more then 200 accounts, it's showing this error, "Failed to save because the number of profiles exceeded maximum 200!". If possible please increase the maximum limit to 400 or 500. Once again thanks for life easy tool.
- (2019-07-09, v:0.13.1) steven smith: Version Control the config
Hello, first of all, Kudos. this has made my life so much easier. thank you second, where is the config stored? we want to version control this along with the cli files, but i cannot locate it?
- (2019-03-13, v:0.11.0) Trevor Cotton: GovCloud support
Are there any plans to support GovCloud (https://console.amazonaws-us-gov.com)?
- (2019-02-08, v:0.10.1) Sheldon Hull: Failures to switch role
Network tools show the request is submitting just https://signin.aws.amazon.com/switchrole and no parameters provided at the end. I've verified permissions are set to all sites, and my configuration is correctly set with alias at root. This worked previously, so I'm leary that perhaps an issue with a chrome update just pulled in last week or so is causing this? I've ensured adblocker disabled, even though previously it worked with it, with no impact. <code> Bad Request You may have typed the address incorrectly or you may have used an outdated link. </code> Form data submitted by extension shows: <code> action=switchFromBasis&src=nav&roleName=DelegateAdminAccessRole&account=1234567&mfaNeeded=0&color=E00008&csrf=NumNums&redirect_uri=https%253A%252F%252Feu-west-1.s3.console.aws.amazon.com%252Fs3%252Fhome%253Fregion%253Deu-west-1%2523&displayName=TacosAreDelicious++%7C++1234567 </code> Any ideas?
- (2018-04-26, v:0.8.0) Shared config file
Firstly, thank you for your continued development and support of this incredibly useful extension. It definitely improves usefulness of the AWS management console for multi-account/role configurations. I have a team of people who would benefit from sharing a common config file of accounts and roles. Would you consider adding support for a shared read-only config via URL as an option or addition to the local private read-write config?
- (2018-04-17, v:0.8.0) Craig Bona: Max Size of configuration?
We have a fairly large number of roles and accounts, and it seems that once the config gets to a certain size it says it updates on save, but it doesn't.
- (2017-11-17, v:0.6.1) color picker crashes chrome
Chrome Version 62.0.3202.94 (Official Build) (64-bit) Open Extension. Choose color picker. Try to pick a color. All chrome windows crash.
- (2017-07-13, v:0.5.0) Peter Salnikov: Nothing changes in aws console
I've installed your extension. But nothing changed after I put config there and reload aws console page. Are there any debug logs available there?
- (2017-05-09, v:0.4.0) Josh Smith: Remove " | ACCOUNTID" from the display
Can you please add an option to hide the "| accountid" from the display?
- (2017-02-24, v:0.3.2) Extension does not work with roles using path/forward slash
Love the extension, however does not work with our accounts that use a path/forward slash. Example: arn:aws:iam::123456789012:role/test/TestRole This will only populate role field with 'test'.