Quick links to common tasks
Use the following links to get help with common tasks associated with IAM.
- Sign in for different user types
-
Sign in to the IAM console
by choosing IAM user and entering your AWS account ID or account alias. On the next page, enter your IAM user name and your password. To sign in with your IAM Identity Center user, use the sign-in URL that was sent to your email address when you created the IAM Identity Center user.
For help signing in using an IAM Identity Center user, see Signing in to the AWS access portal in the AWS Sign-In User Guide.
Sign in to the AWS Management Console
as the account owner by choosing Root user and entering your AWS account email address. On the next page, enter your password. See What is AWS Sign-In in the AWS Sign-In User Guide for help determining your user type and sign-in page.
- Manage passwords for users
-
You need a password in order to access the AWS Management Console, including access to billing information.
For your AWS account root user, see Change the password for the AWS account root user in the AWS Account Management Reference Guide
For an IAM user, see Managing passwords for IAM users.
- Manage permissions for users
-
You use policies to grant permissions to the IAM users in your AWS account. IAM users have no permissions when they are created, so you must add permissions to allow them to use AWS resources.
To provide access, add permissions to your users, groups, or roles:
-
Users and groups in AWS IAM Identity Center:
Create a permission set. Follow the instructions in Create a permission set in the AWS IAM Identity Center User Guide.
-
Users managed in IAM through an identity provider:
Create a role for identity federation. Follow the instructions in Creating a role for a third-party identity provider (federation) in the IAM User Guide.
-
IAM users:
-
Create a role that your user can assume. Follow the instructions in Creating a role for an IAM user in the IAM User Guide.
-
(Not recommended) Attach a policy directly to a user or add a user to a user group. Follow the instructions in Adding permissions to a user (console) in the IAM User Guide.
-
For more information, see Managing IAM policies.
-
- List the users in your AWS account and get information about their credentials
- Add multi-factor authentication (MFA)
-
To add a virtual MFA device, see one of the following:
To add a FIDO security key, see one of the following:
To add a hardware MFA device, see one of the following:
- Get an access key
-
You can use an access key to make AWS requests using the AWS SDKs
, the AWS Command Line Tools , or the API operations. Important
As a best practice, use temporary security credentials (such as IAM roles) instead of creating long-term credentials like access keys. Before creating access keys, review the alternatives to long-term access keys.
For guidance to help you protect your access keys, see Securing access keys.
To learn about managing access keys for an IAM user, see Managing access keys for IAM users.
For more information about the security credentials available for your AWS account, see AWS security credentials.
- Tag IAM resources
-
You can tag the following IAM resources:
-
IAM users
-
IAM roles
-
Customer managed policies
-
Identity providers
-
Server certificates
-
Virtual MFA devices
To learn about tags in IAM, see Tagging IAM resources.
To learn about using tags to control access to AWS resources, see Controlling access to AWS resources using tags.
-
- View the actions, resources, and condition keys for all services
-
This set of reference documentation can help you write detailed IAM policies. Each AWS service defines the actions, resources, and condition context keys that you use in IAM policies. To learn more, see Actions, Resources, and Condition Keys for AWS Services.
- Get started with all of AWS
-
This set of documentation deals primarily with the IAM service. To learn about getting started with AWS and using multiple services to solve a problem such as building and launching your first project, see the Getting Started Resource Center
.