AWS Certified Solutions Architect - Professional 2020

Sign Up Free or Log In to participate!

Cross Account Access – Roles and Permissions

In the current CSAP course in the "Cross Account Access –  Roles & Permissions" lecture,  Ryan logs into the AWS console of the production account to set up a cross account access role with the accounts root credentials. Is using the root user account a requirement when setting up a cross account role? Or does a user with administrator access to the account have sufficient rights to create the role? As he is actually creating a trust between two accounts it’s seems logical that only a root account would have the rights to create such a role. It’s not clear in the lecture if having root credentials is a requirement. Thanks in advance.


I guess I could have just tested it but…. I take the professional exam in 2 days and I am close to hitting a wall. 😐

1 Answers

Hi Darrel,

If I understand what you’re referring to, you don’t have to use the root account…just an IAM user with account admin access.  There are very few things that require you to use a root account and I expect this to decrease even more.  AWS discourages use of root for much of anything.

This might help you too:

Good luck on the exam!


Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?