| « PreviousNext » | |
   | Did this page help you? Yes | No | Tell us about it... |
Deactivating an MFA Device
You can temporarily disable an MFA device by deactivating it. If you are using the
IAM API or CLI, then you deactivate an MFA device with the IAM DeactivateMFADevice API action or the iam-userdeactivatemfadevice command.
Note
If you use the API or CLI to delete a user from your AWS account, you must deactivate or delete the user's MFA device as part of the process of removing the user. For more information about deleting users, see Deleting a User from Your AWS Account.
If you are using the AWS Management Console to deactivate the device for a user under your AWS account, the following procedure describes the steps. The process to deactivate an MFA device for the root account is described in Deactivating Your AWS Account's MFA Device.
Deactivating a User's MFA Device
To deactivate a user's MFA device
On the IAM console, click Users, and then select the name of the user for whom you want to deactivate a device.
Click the Security Credentials tab, and then click Manage MFA Device.
Select Deactivate MFA device.
Click Update.
The user's device is deactivated.
Deactivating Your AWS Account's MFA Device
You can temporarily deactivate our AWS account's MFA device.
To deactivate the MFA device for your AWS account
Use your root credentials to sign in to the AWS Management Console, then go to the IAM console.
Note
To manage MFA devices for the AWS account, you must be signed in to AWS using your root account credentials. You cannot manage MFA devices for the root account using other credentials.
From the IAM Dashboard, click Manage MFA Device.
Select Deactivate this device.
The MFA device is deactivated for the AWS account.
