Share Your AWS re:Post Experience - Quick 3 Question Survey

Help us improve AWS re:Post! We're interested in understanding how you use re:Post and its impact on your AWS journey. Please take a moment to complete our brief 3-question survey.

Dieser Inhalt ist in der ausgewählten Sprache nicht verfügbar

Wir arbeiten ständig daran, Inhalte in der ausgewählten Sprache bereitzustellen. Vielen Dank für deine Geduld.

How do I gain access as an AWS account root user to accounts created by Account Factory or Account Vending Machine in AWS Control Tower?

Lesedauer: 2 Minute

I want to gain access to my AWS account as an AWS account root user. The account was created by Account Factory or Account Vending Machine in AWS Control Tower.

Resolution

Sign out from any AWS accounts you're signed into in your browser.
Open the AWS login page.
Note: If you don't have the email address of the account that you want to access, find it in the AWS Control Tower console. Open the Control Tower console for the management account, choose Accounts, and then look for the email address.
For Root user email address, enter the email address of the account that you want to access, and then choose Next.
To have password reset instructions sent to the account root user email address, choose Forgot your password?
Open the password reset email message from the root user mailbox, and then follow the instructions to reset your password.
Note: It's a best practice to activate multi-factor authentication (MFA) for AWS accounts.
Open the AWS login page, and then sign in as root user with your new password.

Related information

Tasks that require root user credentials

Enable multi-factor authentication for your AWS account root user (console)

Unmanage an account

Themen

Management & Unternehmensführung

Tags

AWS Control Tower

Sprache

English

AWS OFFICIALAktualisiert vor 8 Monaten

2 Kommentare

Accounts created by Account Factory do not have MFA enabled (root). Let's say that I want to enable Detect whether MFA for root user is enabled control for a specific OU within AWS Control Tower. Then all the accounts created by Account Factory will result to be non compliant. Is it a best practice to gain access to root accounts by resetting password and enable MFA? Or Should I ignore the warning? Isn't a best practice to have MFA enabled on Root accounts?

Martina

beantwortet vor 8 Monaten

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

MODERATOR

AWS Official

beantwortet vor 8 Monaten

Relevanter Inhalt

Wie kann ich die IAM-Identity-Center-Fehlermeldung „This permission set is currently provisioned in xx AWS accounts“ (Dieser Berechtigungssatz ist derzeit in xx AWS-Konten bereitgestellt) beheben?
AWS OFFICIALAktualisiert vor 3 Jahren
Wie behebe ich die Fehlermeldung „You have exceeded the allowed number of AWS accounts“ für AWS Organizations?
AWS OFFICIALAktualisiert vor einem Monat
Wie erstelle ich eine EventBridge-Ereignisregel, um mich darüber zu informieren, dass mein AWS-Root-Benutzerkonto verwendet wurde?
AWS OFFICIALAktualisiert vor einem Jahr
Warum erhalte ich die Fehlermeldung „You can only join an organization whose Seller of Record is same as your account", wenn ich versuche, einer Organisation beizutreten?
AWS OFFICIALAktualisiert vor 3 Jahren