Role for cross-account access

This role supports two scenarios, the first enabling access between your multiple AWS accounts and the second enabling access to your AWS account by resources in other AWS accounts that are not owned by you. Roles are the primary way to support scenarios for cross-account access and enabling delegation. You can use this role to delegate permissions to another IAM user.

The following figure shows the various options available for cross-account access: