Skip to main content

Viewing Core Account resources as a Member Account Developer


To view core account resources (that is resources created in a core account and shared to member accounts) developers can switch to Read-only roles to view their created resources.

Switching Roles

1) Log in (to your member account) the AWS Console using SSO. Click the drop down menu at the top right and choose Switch Role.

2) To view VPCs and lower level DNS resources (eg use the member-delegation-read-only role and use the account aliases for each Core VPC account:

core-vpc-development core-vpc-test core-vpc-preproduction core-vpc-production

Switch roles to view VPC resources

3) To view higher level DNS resources (eg., or to view Network Firewall resources (eg. CloudWatch logs or Network Firewall policies) use the read-log-records role and use the account alias for the Core Network account:


Switch roles to view DNS resources

4) To view Shared Services resources i.e AMIs created and shared, use the member-shared-services role and use the account alias for the Shared Services account:


Switch roles to view Shared Services resources

This page was last reviewed on 14 June 2024. It needs to be reviewed again on 14 December 2024 by the page owner #modernisation-platform .
This page was set to be reviewed before 14 December 2024 by the page owner #modernisation-platform. This might mean the content is out of date.