How To Use Granted To Log In to Multiple AWS Accounts at the Same Time

3/20/20234 views • 2 min read • 0 likes

How To Use Granted To Log In to Multiple AWS Accounts at the Same Time

Introduction

Last week I published my guide to setting up WSL as a cloud dev:

https://krimphove.site/blog/my-wsl-setup-as-a-cloud-dev-getting-the-best-of-both-worlds

One of the tools I recommended to You was awsp-plus. It enables You to switch Your current AWS profile in the console by providing a nice UX. However, there a still quite a few drawbacks. One of which is that it only sets the current profile. You have to check whether you have logged in to that profile and then login if necessary.

This is where Granted comes into play.

What is Granted?

Granted is a CLI tool that allows You to access all of your AWS profiles and easily swap between them. Similar to awsp-plus it displays a list of all Your AWS profiles and you can select one.

Run assume or assume <profile-name>.

After selecting one, it automatically opens the browser and starts the normal authentication process. Using awsp-plus You would have had to run aws sso login manually.

Log in to the AWS web console

Another great feature of Granted is that you also can log in to the AWS web console.

Run assume -c or assume -c <profile-name>.

Depending on Your browser Granted will need You to install a plugin. You will need this plugin to enable multi-account login. Granted utilizes built-in browser features like Firefox containers. This way You can log in to multiple AWS accounts at the same time.

Firefox will display the current container by adding a colored line to the tab. It will also show you the container’s name next to the URL when You open the tab.

You can define the color and the icon Firefox displays yourself, by adding two statements (granted_color and granted_icon) to Your AWS config:

[profile sandbox-01]
sso_start_url = <sso start url>
sso_region = <sso region> 
sso_account_id = <sso account id>
sso_role_name = <sso role name>
region = <region> 
granted_color = blue
granted_icon = circle

I like to color-code my different accounts:

  • blue for sandboxes

  • green for development environments

  • yellow for test environments

  • red for productive environments

This way You can always see what system You are currently on (and also know how careful You have to be).

How to install

Follow Granted’s getting-started guide.

If You want to use it with WSL, first check out my last story on how to set up your WSL. Then head over to my GitHub repo, where You’ll find the latest version of the guide with all the essential information and commands. I will also try to keep it up to date with any changes to the tools I’m using.

https://github.com/lkrimphove/knowledge/blob/main/aws/guide-wsl-cloud-dev-environment.md