I have created an aws account via AWS Organization through aws cli. How can I get the list of ec2 instances on the created member aws account? How can I access it without recovering root password?
Finally I was able to get the EC2 instance list automatically, without any manual actions. Once a member account has been created, AWS automatically creates the OrganizationAccountAccessRole role. Switching to that role it is possible to get admin access on the member account. This is the code to switch to that role:
import boto3

# The original used a project helper (self.aws_service.create_aws_sts());
# a plain STS client from the management account's credentials does the same.
sts_client = boto3.client('sts')
assumed_role_object = sts_client.assume_role(
    # account_id is the 12-digit id of the member account; the original
    # string was missing the f-prefix, so the placeholder was never filled in
    RoleArn=f"arn:aws:iam::{account_id}:role/OrganizationAccountAccessRole",
    RoleSessionName="AssumeRoleSession1"
)
credentials = assumed_role_object['Credentials']
# Temporary credentials for the member account; the session token is required
ec2_resource = boto3.resource(
    'ec2',
    aws_access_key_id=credentials['AccessKeyId'],
    aws_secret_access_key=credentials['SecretAccessKey'],
    aws_session_token=credentials['SessionToken'])
for instance in ec2_resource.instances.all():
    print(instance.id)  # the attribute is lower-case 'id', not 'Id'
Hope it will help those who had a similar question.
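As an added example (not code from the answer above), the same cross-account inventory written so that it can be exercised offline: the STS and EC2 clients are injected, the account id is validated before the ARN is built, the session is requested with the shortest duration STS allows and a descriptive session name (that name is what appears in the member account's CloudTrail), and DescribeInstances is paged. The `FakeSts`/`FakeEc2` classes, the instance ids, the account id 123456789012 and the `boto3_ec2_factory` helper are constructed for this example; with real boto3 clients the `list_member_instance_ids` call is unchanged.

```python
"""Inventory EC2 instances in an Organizations member account via the
OrganizationAccountAccessRole. Added example; the fakes at the bottom are
constructed so the module runs offline without boto3 installed."""
import re
from typing import Callable, Dict, List

ORG_ACCESS_ROLE = "OrganizationAccountAccessRole"  # created by AWS Organizations
_ACCOUNT_ID = re.compile(r"^\d{12}$")


def org_access_role_arn(account_id: str, role_name: str = ORG_ACCESS_ROLE) -> str:
    """Build the role ARN, refusing anything that is not a 12-digit account id
    so a typo cannot silently assume a role in the wrong account."""
    if not _ACCOUNT_ID.match(account_id):
        raise ValueError(f"account id must be exactly 12 digits, got {account_id!r}")
    return f"arn:aws:iam::{account_id}:role/{role_name}"


def session_kwargs(credentials: Dict[str, str]) -> Dict[str, str]:
    """Map the STS 'Credentials' block onto the keyword names boto3 expects."""
    return {
        "aws_access_key_id": credentials["AccessKeyId"],
        "aws_secret_access_key": credentials["SecretAccessKey"],
        "aws_session_token": credentials["SessionToken"],
    }


def list_member_instance_ids(account_id: str, region: str, sts_client,
                             ec2_factory: Callable,
                             session_name: str = "org-ec2-inventory",
                             duration_seconds: int = 900) -> List[str]:
    """Assume the member account's role with a short-lived session and page
    through DescribeInstances. Clients are injected so the logic is testable."""
    resp = sts_client.assume_role(
        RoleArn=org_access_role_arn(account_id),
        RoleSessionName=session_name,      # visible in the member account's CloudTrail
        DurationSeconds=duration_seconds,  # 900 s is the STS minimum; keep admin sessions short
    )
    ec2 = ec2_factory(region, **session_kwargs(resp["Credentials"]))
    ids: List[str] = []
    for page in ec2.get_paginator("describe_instances").paginate():
        for reservation in page["Reservations"]:
            ids.extend(i["InstanceId"] for i in reservation["Instances"])
    return ids


def boto3_ec2_factory(region: str, **creds):
    """Real factory (hypothetical helper); boto3 is imported lazily so the
    module still loads where boto3 is not installed."""
    import boto3
    return boto3.client("ec2", region_name=region, **creds)


# ---- constructed fakes: just enough of the STS/EC2 surface to run offline ----
class FakeSts:
    def __init__(self):
        self.calls: List[Dict] = []

    def assume_role(self, **kwargs):
        self.calls.append(kwargs)
        return {"Credentials": {"AccessKeyId": "ASIAFAKE",
                                "SecretAccessKey": "fake",
                                "SessionToken": "fake-token"}}


class FakeEc2:
    def __init__(self, pages):
        self._pages = pages

    def get_paginator(self, name):
        assert name == "describe_instances"
        return self

    def paginate(self, **_):
        return iter(self._pages)


def demo():
    """Run the inventory against the fakes; returns (instance ids, the
    AssumeRole call that was made, the credentials handed to the EC2 factory)."""
    sts = FakeSts()
    seen: Dict[str, str] = {}
    pages = [  # constructed DescribeInstances pages
        {"Reservations": [{"Instances": [{"InstanceId": "i-0aaa"}, {"InstanceId": "i-0bbb"}]}]},
        {"Reservations": [{"Instances": [{"InstanceId": "i-0ccc"}]}]},
    ]

    def factory(region, **creds):
        seen.update(creds)
        return FakeEc2(pages)

    ids = list_member_instance_ids("123456789012", "us-east-1", sts, factory)
    return ids, sts.calls[0], seen


if __name__ == "__main__":
    print(demo())
```

Because the role grants full admin in the member account, treat it as a break-glass path: keep sessions short, give each automation its own recognisable session name so the member account's CloudTrail shows who assumed the role, and for routine inventory create a narrower read-only role in the member accounts instead.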