From ad20320d41bb786caea7132aac984fc067e8f1b2 Mon Sep 17 00:00:00 2001
From: Daniel Fangl <daniel.fangl@gmail.com>
Date: Thu, 13 Apr 2023 19:33:31 +0200
Subject: [PATCH] fix access key storage for different accounts (#6210)

---
 moto/sts/models.py                     |  3 ++-
 tests/test_sts/test_sts_integration.py | 11 +++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/moto/sts/models.py b/moto/sts/models.py
index 950f0df44..bf0641b55 100644
--- a/moto/sts/models.py
+++ b/moto/sts/models.py
@@ -99,7 +99,8 @@ class STSBackend(BaseBackend):
             duration,
             external_id,
         )
-        self.assumed_roles.append(role)
+        account_backend = sts_backends[account_id]["global"]
+        account_backend.assumed_roles.append(role)
         return role
 
     def get_assumed_role_from_access_key(self, access_key_id):
diff --git a/tests/test_sts/test_sts_integration.py b/tests/test_sts/test_sts_integration.py
index 26bf8c335..3867fa837 100644
--- a/tests/test_sts/test_sts_integration.py
+++ b/tests/test_sts/test_sts_integration.py
@@ -24,6 +24,17 @@ class TestStsAssumeRole(unittest.TestCase):
         )
 
         # Assume the new role
+        sts_account_b = boto3.client(
+            "sts",
+            aws_access_key_id=response["Credentials"]["AccessKeyId"],
+            aws_secret_access_key=response["Credentials"]["SecretAccessKey"],
+            aws_session_token=response["Credentials"]["SessionToken"],
+            region_name="us-east-1",
+        )
+        assumed_arn = sts_account_b.get_caller_identity()["Arn"]
+        assumed_arn.should.equal(
+            f"arn:aws:sts::{self.account_b}:assumed-role/my-role/test-session-name"
+        )
         iam_account_b = boto3.client(
             "iam",
             aws_access_key_id=response["Credentials"]["AccessKeyId"],