In the left navigation bar, click Roles, then select the newly created IAM Role lab44-RoleFullAccess
In the Trust relationships tab, click Edit trust relationship, add Condition as shown below, then click Update Trust Policy
After updating the trust policy, Condition section is added with IP information that is allowed to perform switch role
Go back to the log in session of the user No-permission-user, perform the switch role again, we will receive the error message as shown below because we are accessing the service from a device that does not have an IP like within the conditions of.