Step 5: Sign in to the AWS access portal with your administrative credentials - AWS IAM Identity Center (successor to AWS Single Sign-On)

Complete the following steps to confirm that you can sign in to the AWS access portal by using the credentials of the administrative user, and that you can access the AWS account.

Sign in to the AWS Management Console as the account owner by choosing Root user and entering your AWS account email address. On the next page, enter your password.
Open the IAM Identity Center console.
In the navigation pane, choose Dashboard.
On the Dashboard page, under Settings summary, copy the AWS access portal URL.
Open a separate browser, paste in the AWS access portal URL that you copied, and press Enter.
Sign in by using either of the following:
- If you're using Active Directory or an external identity provider (IdP) as your identity source, sign in by using the credentials of the Active Directory or IdP user that you assigned to the AdministratorAccess permission set in IAM Identity Center.
- If you're using the default Identity Center directory as your identity source, sign in by using the user name that you specified when you created the user and the new password that you specified for the user. For more information, see Use the default directory and create a user in IAM Identity Center.
After you are signed in, an AWS account icon appears in the portal.
When you select the AWS account icon, the account name, account ID, and email address associated with the account appear.
Choose the name of the account to display the AdministratorAccess permission set, and select the Management Console link to the right of AdministratorAccess.

When you sign in, the name of the permission set to which the user is assigned appears as an available role in the AWS access portal. Because you assigned this user to the AdministratorAccess permission set, the role will appear in the AWS access portal as: AdministratorAccess/username
If you are redirected to the AWS Management Console, you successfully finished setting up administrative access to the AWS account. Proceed to step 10.
Switch to the browser that you used to sign into the AWS Management Console and set up IAM Identity Center, and sign out from your AWS account root user.

Important
We strongly recommend that you use the credentials of the administrative user when you sign in to the AWS access portal. Safeguard your root user credentials and use them to perform the tasks that only the root user can perform. To enable other users to access your accounts and applications, and to administer IAM Identity Center, create and assign permission sets only through IAM Identity Center.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Step 4: Set up AWS account access for an administrative user

Step 6: Create a permission set that applies least-privilege permissions