Step 3: Create an administrative permission set

Permission sets are stored in IAM Identity Center and define the level of access that users and groups have to an AWS account. Perform the following steps to create a permission set that grants administrative permissions.

Sign in to the AWS Management Console as the account owner by choosing Root user and entering your AWS account email address. On the next page, enter your password.
Open the IAM Identity Center console.
In the IAM Identity Center navigation pane, under Multi-account permissions, choose Permission sets.
Choose Create permission set.
For Step 1: Select permission set type, on the Select permission set type page, keep the default settings and choose Next. The default settings grant full access to AWS services and resources using the AdministratorAccess predefined permission set.

Note
The predefined AdministratorAccess permission set uses the AdministratorAccess AWS managed policy.
For Step 2: Specify permission set details, on the Specify permission set details page, keep the default settings and choose Next. The default setting limits your session to one hour.
For Step 3: Review and create, on the Review and create page, do the following:
1. Review the permission set type and confirm that it is AdministratorAccess.
2. Review the AWS managed policy and confirm that it is AdministratorAccess.
3. Choose Create.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Use the default directory and create a user in IAM Identity Center

Step 4: Set up AWS account access for an administrative user

Step 3: Create an administrative permission set

Note