At my current job, I have a need to be access multiple AWS accounts. Generally we follow the AWS best practices for security and set up IAM accounts with restricted functionality that can access only the resources that are appropriate for the completion of the task at hand. At this point we've looked at federation technologies (such as SAML), but haven't yet implemented this.