User types - AWS Sign-In

If you can't sign in to AWS, see Troubleshooting sign-in issues. If Troubleshooting doesn't address your issue, contact AWS Support through this form.

User types

How you sign in depends on what type of AWS user you are. You can manage an AWS account as a root user, an IAM user, a user in IAM Identity Center, or a federated identity. You can use an AWS Builder ID profile to access certain AWS services and tools. The different user types are listed below.

Root user

The account owner with complete access to all AWS services and resources. You're the root user if you created the AWS account and you sign in using your root user email and password. For more information, see Root user.

IAM user

An identity within your AWS account that's granted specific custom permissions. You're an IAM user if you didn't create the AWS account and your administrator or help desk employee provided you your sign-in credentials that include an AWS account ID or account alias, an IAM user name, and password. For more information, see IAM user.

IAM Identity Center user

A user whose AWS account is part of AWS Organizations who signs in through the AWS access portal with a unique URL. These users can be either created directly in IAM Identity Center or in Active Directory or an another external identity provider. For more information, see IAM Identity Center user.

You're a user in IAM Identity Center if either of these statements is true:

  • You received an email from your administrator or with an AWS access portal URL.

  • You use the same credentials to sign-in to both corporate systems and the AWS access portal, and your AWS account is part of AWS Organizations.

Federated identity

A user who signs in using an external identity provider (IdP). For more information, see Federated identity.

You're a federated identity if you either:

  • Access your AWS account or resources with third party credentials like Login with Amazon, Facebook, or Google.

  • Use the same credentials to sign in to corporate systems and AWS services and you use a custom company portal to sign-in to AWS.

AWS Builder ID

A personal profile where you specifically sign in to the AWS service or tool that you want to access. You're a AWS Builder ID user if you are signing in to AWS tools and services, such as AWS re:Post, CodeCatalyst, and CodeWhisperer. For more information, see AWS Builder ID user.