Quick links to common tasks - AWS Identity and Access Management

Quick links to common tasks

Use the following links to get help with common tasks associated with IAM.

Sign in for different user types

Sign in to the IAM console by choosing IAM user and entering your AWS account ID or account alias. On the next page, enter your IAM user name and your password.

To sign in with your IAM Identity Center user, use the sign-in URL that was sent to your email address when you created the IAM Identity Center user.

For help signing in using an IAM Identity Center user, see Signing in to the AWS access portal in the AWS Sign-In User Guide.

Sign in to the AWS Management Console as the account owner by choosing Root user and entering your AWS account email address. On the next page, enter your password.

See What is AWS Sign-In in the AWS Sign-In User Guide for help determining your user type and sign-in page.

Manage passwords for users

You need a password in order to access the AWS Management Console, including access to billing information.

For your AWS account root user, see Change the password for the AWS account root user in the AWS Account Management Reference Guide

For an IAM user, see Managing passwords for IAM users.

Manage permissions for users

You use policies to grant permissions to the IAM users in your AWS account. IAM users have no permissions when they are created, so you must add permissions to allow them to use AWS resources.

To provide access, add permissions to your users, groups, or roles:

For more information, see Managing IAM policies.

List the users in your AWS account and get information about their credentials

See Getting credential reports for your AWS account.

Add multi-factor authentication (MFA)

To add a virtual MFA device, see one of the following:

To add a FIDO security key, see one of the following:

To add a hardware MFA device, see one of the following:

Get an access key

You can use an access key to make AWS requests using the AWS SDKs, the AWS Command Line Tools, or the API operations.

Important

As a best practice, use temporary security credentials (such as IAM roles) instead of creating long-term credentials like access keys. Before creating access keys, review the alternatives to long-term access keys.

For guidance to help you protect your access keys, see Securing access keys.

To learn about managing access keys for an IAM user, see Managing access keys for IAM users.

For more information about the security credentials available for your AWS account, see AWS security credentials.

Tag IAM resources

You can tag the following IAM resources:

  • IAM users

  • IAM roles

  • Customer managed policies

  • Identity providers

  • Server certificates

  • Virtual MFA devices

To learn about tags in IAM, see Tagging IAM resources.

To learn about using tags to control access to AWS resources, see Controlling access to AWS resources using tags.

View the actions, resources, and condition keys for all services

This set of reference documentation can help you write detailed IAM policies. Each AWS service defines the actions, resources, and condition context keys that you use in IAM policies. To learn more, see Actions, Resources, and Condition Keys for AWS Services.

Get started with all of AWS

This set of documentation deals primarily with the IAM service. To learn about getting started with AWS and using multiple services to solve a problem such as building and launching your first project, see the Getting Started Resource Center.