Updated: Oct 11
Learn to enable AWS IAM Identity Center.
Learn to create an admin user using AWS IAM Identity Center.
Step 1: Sign in to the AWS Management Console.
New to AWS (root user) – Sign in as the account owner by choosing Root user and entering your email and password.
Step 2: IAM Identity Center
In the navigation search bar, search for IAM and open IAM Identity Center.
Note: You can enable this service in only one region. Here we are using the Mumbai region. Choose your preferred region.
Click on Enable. (If prompted to create an AWS Organization, do so.)
You will be redirected to the following window.
Step 3: Create User
Click on Create user.
Select Add user.
Under Specify user details, fill in the details for the new admin user.
3. Scroll down and click on Next. Under Add user to groups, click on Create group.
Note: This step is optional. If you don't want to create a group, you can skip this stage and click on Next.
4. On the Review and add user tab, review your details, keep the rest as default, and click on Add user.
5. You will see the following window.
Step 3: Multi-account permissions.
Under Multi-account permissions, choose Permission sets; under Permission sets, choose Permission sets.
Click on Create permission set.
Now you will see the following window.
Under Select permission set type, choose Predefined permission set, then scroll down.
Under Policy for predefined permission set, choose AdministratorAccess from the list and click on Next.
Under Permission set details, review your permission set name, then scroll down and change the Session duration to your preferred time. Here we are giving the user 2 hours of access.
Click on Next to go to the Review tab. Review the details and click on Create.
Here you can see the permission set.
Step 4: In the navigation pane, under Multi-account permissions, choose AWS accounts.
1. On the AWS accounts page, a tree view list of your accounts appears.
2. Select the check box next to the AWS account to which you want to assign
3. Click on Assign users or groups.
Under the Users tab you can now see the new user.
On the Users tab, select the user to whom you want to grant administrative permissions and click on Next.
Now select the permission set we created in Step 3.
Click on next.
Review everything and click on submit.
Step 5: You will receive a confirmation email in your inbox. Click on Accept invitation.
Note: This invitation link is valid for the next 7 days.
Click on Accept invitation; it will redirect you to the following window.
Now set the new password for the new user.
Go back to the IAM Identity Center console, go to Users, and click on the user (New-admin user) we created.
Step 6: Log in as AdministratorAccess.
In the navigation pane, choose Dashboard.
On the Dashboard page, under Settings summary, copy the AWS access portal URL.
Open a separate browser, paste the AWS access portal URL that you copied, and press Enter.
You can also log in using the invitation link you received in Step 5.
Step 7: Log in using your username and password.
After you are signed in, an AWS account icon appears in the portal.
When you select the AWS account icon, the account name, account ID, and email address associated with the account appear.
Choose the name of the account to display the AdministratorAccess permission set and select the Management Console link to the right of AdministratorAccess.
You will be redirected to the AWS Management Console.
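To review the permission set and account assignment created above, the following added example (not part of the original tutorial) checks them against two review rules. It assumes JSON shaped like the output of `aws sso-admin describe-permission-set`, `list-managed-policies-in-permission-set` and `list-account-assignments`; the sample records, ARNs and IDs are constructed placeholders, and both rules (a 2-hour ceiling for admin sessions, groups preferred over direct user assignment) are assumptions of this example.

```python
import re

ADMIN_POLICY_ARN = "arn:aws:iam::aws:policy/AdministratorAccess"
_DURATION = re.compile(r"^PT(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?$")

def duration_seconds(iso):
    """Convert an ISO-8601 SessionDuration string (e.g. PT2H) to seconds."""
    m = _DURATION.match(iso)
    if not m or not any(m.groups()):
        raise ValueError(f"unsupported duration: {iso!r}")
    h, mi, s = (int(g or 0) for g in m.groups())
    return h * 3600 + mi * 60 + s

def audit(permission_set, managed_policies, assignments, max_admin_hours=2):
    """Return review findings for one permission set and its assignments."""
    ps = permission_set["PermissionSet"]
    is_admin = any(p["Arn"] == ADMIN_POLICY_ARN
                   for p in managed_policies["AttachedManagedPolicies"])
    if not is_admin:
        return []  # only admin-level permission sets are reviewed here
    findings = []
    if duration_seconds(ps["SessionDuration"]) > max_admin_hours * 3600:
        findings.append(f"{ps['Name']}: admin session {ps['SessionDuration']} "
                        f"exceeds {max_admin_hours}h")
    for a in assignments["AccountAssignments"]:
        if a["PermissionSetArn"] != ps["PermissionSetArn"] or a["PrincipalType"] != "USER":
            continue
        findings.append(f"{ps['Name']}: assigned directly to user "
                        f"{a['PrincipalId']} in account {a['AccountId']}")
    return findings

# Constructed sample data mirroring the tutorial: AdministratorAccess,
# 2-hour session, assigned to one user (plus a group for contrast).
PS_ARN = "arn:aws:sso:::permissionSet/ssoins-EXAMPLE/ps-EXAMPLE"
SAMPLE_SET = {"PermissionSet": {
    "Name": "AdministratorAccess", "PermissionSetArn": PS_ARN,
    "SessionDuration": "PT2H"}}
SAMPLE_POLICIES = {"AttachedManagedPolicies": [
    {"Name": "AdministratorAccess", "Arn": ADMIN_POLICY_ARN}]}
SAMPLE_ASSIGNMENTS = {"AccountAssignments": [
    {"AccountId": "111122223333", "PermissionSetArn": PS_ARN,
     "PrincipalType": "USER", "PrincipalId": "user-id-EXAMPLE"},
    {"AccountId": "111122223333", "PermissionSetArn": PS_ARN,
     "PrincipalType": "GROUP", "PrincipalId": "group-id-EXAMPLE"},
]}

if __name__ == "__main__":
    for finding in audit(SAMPLE_SET, SAMPLE_POLICIES, SAMPLE_ASSIGNMENTS):
        print(finding)
```

With the tutorial's settings the 2-hour session passes and only the direct user assignment is reported; creating the optional group and assigning the permission set to it clears that finding.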
If you no longer need IAM Identity Center, sign out and delete IAM Identity Center.
Step 8: Delete IAM Identity Center
Log in as root again.
Go to the IAM Identity Center dashboard,
then Settings summary.
Go to Settings.
Click on Management.
Scroll down and press Delete.
Tick all the boxes and press Confirm.