# Switch from Access Key to Assumed Role For more information on access keys vs assumed roles read our documentation here: [Amazon Web Services](/system/data-sources/amazon-web-services.md). {% hint style="warning" %} Switching from an access key to an assumed role is permanent. After you make this change, you can’t switch back to using an access key for this data source. If you later want to use an access key again, you’ll need to delete the data source and recreate it with access key credentials. This will delete all existing data for this data source and require a full reimport of the resource and billing data. If you are changing an AWS organizations management account, this will also affect the billing data of any member account data sources linked to that management account. {% endhint %} ## How to switch from using an access key to an assumed role {% stepper %} {% step %} ### Create a new IAM role If you're currently using access keys, you may not have configured an IAM role with a trust policy. To do this, follow the instructions under **Creating a new IAM role** on this page: [Configure AWS Access](/system/data-sources/amazon-web-services/configure-aws-access.md#aws-iam-assumed-role) {% endstep %} {% step %} ### Update your AWS data source in FinOps for Cloud 1. Navigate to **Data sources** in FinOps for Cloud 2. Click on the AWS data source you wish to change to an assumed role. 3. Click on **Update credentials** at the top right of the data source details screen. 4. Under the **Authentication** heading, toggle the authentication type to **Assumed role**. 5. Enter the name of your assumed role in the **Assumed Role Name** field. 6. Click **Save**. {% endstep %} {% endstepper %} ## What to expect after the change Once you have switched from using an access key to an assumed role, the billing import and resource discovery for the account in question will continue uninterrupted. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.finops.softwareone.com/system/data-sources/amazon-web-services/switch-from-access-key-to-assumed-role.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.