DEV Community

Cover image for How to Enable Multi-Session Support in the AWS Console
Chandegara Rushit
Chandegara Rushit

Posted on

How to Enable Multi-Session Support in the AWS Console

#aws #devops #productivity #cloud

Have you explored AWS Multi-Session Support yet?

You might have spotted the option to enable it in the top-right corner of the AWS Management Console when you're logged in.

Multi-Session AWS Console

AWS has rolled out multi-session support in the AWS Management Console, allowing users to log in to up to 5 accounts simultaneously—be it root, IAM, or federated roles across different accounts or even within the same account.

Gone are the days of logging out and back in repeatedly. With this feature, you can seamlessly switch between dev, staging, and production accounts or roles, all in one browser!

How It Works

  1. Enable Multi-Session: Click your account name in the AWS Console, then select “Turn on multi-session support.”
  2. Add a New Session: Choose “Add session” and sign in to a new AWS account or role in a fresh tab.
  3. Isolated Tabs: Each session opens in its own tab with a unique subdomain, such as:
  4. https://123456789012-abcdefgh.us-east-1.console.aws.amazon.com

Important Notes

  • Supports up to 5 concurrent sessions.
  • Browser-specific – needs to be enabled per browser.
  • Update bookmarks to reflect unique session URLs.

Security Considerations

While this feature is a massive productivity boost, there's a security concern worth noting:

AWS Account IDs in Subdomains

  • Once multi-session support is enabled, the account ID becomes part of the console URL.
  • Even if you use an account alias, the account ID remains visible in the subdomain.
  • Some argue that account IDs should be private, while others see them as mere identifiers.
  • Regardless of where you stand in this debate, AWS account IDs appearing in URLs could potentially expose identifiers that might aid attackers in targeted phishing attempts or enumeration tactics.

Security Considerations

Why This Feature is a Game-Changer

  • Security Investigations: Quickly switch between accounts to analyze events.
  • Support Teams: Troubleshoot issues across multiple environments.
  • DevOps Engineers: Compare configurations between dev, staging, and prod.
  • Cloud Architects: Easily manage multi-account setups.

This feature is currently available in all Commercial AWS Regions and needs to be enabled per browser.

#CloudSecurity #AWSCommunity #AWSSecurity #DevOps #CloudComputing #CloudManagement #SecurityBestPractices #AWSUpdates #DevSecOps

Top comments (0)

Read next

s3cloudhub profile image

AWS CloudFormation: Getting Started with S3 Bucket Creation

S3CloudHub -

fadi-bck profile image

Managing Database Migrations for Multiple Services in a Monorepo with Alembic

Fadi -

kkrolikowski profile image

Setting Up and Handling Email Aliases in AWS SES

Krzysztof Królikowski -

vikasbanage profile image

How to Set Up Cross-Account EventBridge

vikasbanage -