AWS: Easier account management with Aliases

When working on AWS, we have multiple IAM users to manage. Even if someone is the root user, they should generally use the IAM user for day to day account management.

As an organisation, it is also recommended that you separate resources into atleast 3 different accounts: a sandbox account for experiments, a dev account, and a prod account.

With this, it becomes a little confusing as to which account is which. For example, is account number 219066881281 my production account or dev account? What about 917733831218? (PS: These account numbers are fake).

This also causes confusion with the sign-in urls. The sign-in url is of the format — https://<ACCOUNT NUMBER>

The solution to this is using aliases. AWS allows you to have aliases for different accounts. You can find the steps here, under the section Creating and Deleting Aliases (Console).

Let’s say the name of your organisation is FooBar International. You can name aliases in the following manner: foobar-root, foobar-sandbox, foobar-dev, foobar-prod.

Now your sign-in urls become simple :

On your local machine, you can create multiple AWS profiles, and name the profile by the alias. That makes using the CLI much easier.

If you liked this article, please share it on social media.

View my courses on Udemy —
Subscribe to us on Linkedin —
View all our Youtube Videos —
Join our Facebook Group —

Subscribe to us on Youtube for an awesome video every Wednesday!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store