Signing in to the AWS Management Console - AWS Sign-In

If you can't sign in to AWS, see Troubleshooting sign-in issues or contact AWS Support.

Signing in to the AWS Management Console

To sign in to the AWS Management Console, choose your user type. The account root user or account owner has unrestricted account access and is associated with the person who created the AWS account. The root user or an IAM administrator then creates other types of users and assigns them access credentials.


    AWS Management Console sign-in page diagram.

If you choose an unintended user type or use credentials that aren't for the user type you select, you might receive an error message similar to the following image. For your security, error messages are generic by design. The error messages don't explicitly state if you've selected the unintended user type or sign-in scenario. If you verify that your sign-in credentials are correct and you receive an error message while attempting to sign in, we recommend that you try to sign in as another user type.


    AWS Management Console sign-in page error message.

For more information about the different kinds of users, see About user types.

For more information about troubleshooting your sign-in issues, see My credentials aren't working.

The following GIF shows an IAM Identity Center user attempting to sign in to the AWS Management Console. IAM Identity Center users can't sign in with the AWS Management Console. They sign in through the AWS access portal.


    Animated GIF showing a IAM Identity Center user attempting to sign in to the AWS Management Console.

For more information on signing in to the AWS Management Console, see the following video.

Signing in as the root user

The root user has complete access to all AWS services and resources in the account. The root user is automatically created when the AWS account is created. The root user creates the AWS account.

Requirements

Before you sign in to an AWS account as the root user, gather the following information:

  • The email address used to create the AWS account

  • The password for the root user

Important

When you create an AWS account, you begin with one sign-in identity that has complete access to all AWS services and resources in the account. This identity is called the AWS account root user and is accessed by signing in with the email address and password that you used to create the account. We strongly recommend that you do not use the root user for your everyday tasks. Safeguard your root user credentials and use them to perform the tasks that only the root user can perform. For the complete list of tasks that require you to sign in as the root user, see Tasks that require root user credentials in the AWS General Reference.

To sign in to an AWS account as the root user

  1. Open the AWS Management Console at https://console.aws.amazon.com/.

  2. If you have not signed in previously using this browser, the main sign-in page appears. Root user is selected by default. Enter the email address associated with your account and choose Next.

    Note

    If you have previously signed in as a root user in this browser, your browser might remember the email address for the AWS account. If so, you'll see the screen shown in the next step instead.

    If you have signed in previously as an IAM user using this browser, your browser might display the IAM user sign in page instead. To return to the main sign-page, choose Sign in using root user email.

  3. You might be prompted to complete a security check as shown in the following image. Complete the security check to move to the next step.

  4. Enter your password and choose Sign in.

The following animated GIF demonstrates how to successfully sign in to the AWS Management Console as a root user.


      Animated GIF showing a root user successfully signing in to the AWS Management Console. For the text
       version of this animated GIF, see the steps in the following procedure.

For step-by-step directions on how to reset the root user password, see I forgot my root user password for my AWS account.

Signing in as an IAM user

An IAM user represents the person or service that uses the IAM user to interact with AWS resources. These users are identities within your AWS account that have specific custom permissions. For example, IAM users have permissions to create a directory in AWS IAM Identity Center. IAM user names are unique within a single account. You can use the same user name in multiple accounts. This is why you have to indicate which account you're signing in to.

For more information about AWS Identity and Access Management, see What is Identity and Access Management? and Identity and Access Management for AWS Account Management.

Requirements

Gather the following information before you sign in. If you do not have this information, contact the administrator of the AWS account.

  • The 12-digit AWS account ID or the account alias

  • The user name or email address for your IAM user

    • The IAM user name is created by the account administrator

  • The password for your IAM user

Note

Your AWS account ID or alias can be found in the AWS Management Console. You must sign in to the AWS Management Console to view your AWS account ID or alias. If you are not signed in the AWS Management Console, contact your administrator for the information. For more information, see Your AWS account ID and its alias.

For more information about signing in as an IAM user with a MFA device, see Using MFA devices with your IAM sign-in page.

If you are an IAM user, you can sign in using either the AWS Management Console or the IAM user sign-in URL.

To sign in to the AWS Management Console:

  1. Open the AWS Management Console https://console.aws.amazon.com/.

  2. If you have not previously signed in using this browser, the main sign-in page appears. Choose IAM user, enter the account ID (12 digits) or alias, and choose Next.

    Warning

    Do not use your user name or email address in this field. You must use the root user email address, the account ID, or the account alias in this field.

    Note

    You might not have to enter your account ID or alias if you've previously signed in as the IAM user with your current browser. Your browser might remember this information. If so, you'll see the screen shown in the next step instead.

  3. Enter your IAM user name and password and choose Sign in.

    Note

    Choose Sign in using root user email to return to the main sign-in page if you previously signed in as an IAM user for a different AWS account in this browser, or you need to sign in as a root user.

To learn how to sign in to the AWS Management Console as an IAM user, see the following GIF.


      Animated GIF showing a IAM user successfully sign in to the AWS Management Console. For the text
       version of this animated GIF, see the steps in the following procedure.

For more information about signing in with multi-factor authentication (MFA) devices, see Using MFA devices with your IAM sign-in page.

For step-by-step directions on how to reset the IAM user password, see I forgot my IAM user password for my AWS account.

To sign in with the IAM user sign-in URL:

  1. Open a browser and enter the following sign-in URL, replacing account_alias_or_id with the account alias or account ID provided by your administrator:

    https://account_alias_or_id.signin.aws.amazon.com/console/

    For example, the following URL represents an account with 111122223333 as the account ID.

    https://111122223333.signin.aws.amazon.com/console/
  2. Enter your IAM user name and password. Then, choose Sign in.

For more information about signing in with multi-factor authentication (MFA) devices, see Using MFA devices with your IAM sign-in page.

For step-by-step directions on how to reset the IAM user password, see I forgot my IAM user password for my AWS account.