How can I add multiple Firewall Manager admininstrator accounts?

2 minute read

I want to add multiple AWS Firewall administrators to manage firewall resources in my AWS Organizations organization.

Short description

You can have up to 10 Firewall Manager administrators to manage the firewall resources of your organization. For example, you can have one administrator manage a set of organizational units (OUs) for your organization. You can also delegate another administrator to manage only specific Firewall Manager policy types.


Follow these steps to create another Firewall Manager administrator account to manage the security policies for your organization.

Note: If you didn't set up Firewall Manager for an AWS account, then first set one up.

1.    Open the Firewall Manager console with your management account.

2.    In the navigation pane, expand AWS Firewall Manager, and then choose Settings. Note the Default administrator account. This is the default Firewall Manager account is the first administrator account that was created.

3.    In Settings, choose Create administrator account.

4.    In Administrator account ID, enter the AWS account to set as another Firewall Manager administrator.

5.    Choose the Administrative Scope dropdown menu, and then choose either Full or Restricted.

Note: Full scope gives the administrator full access to all of the preceding resource types. Restricted scope gives administrative permission to only a subset of the preceding resources. It's a best practice to grant administrators only the necessary permissions to perform the duties of their role.

6.    Choose Create administrator account.

For more information, see Working with AWS Firewall Manager administrators.

Related Information

Managing the AWS accounts in your organization

AWS Firewall Manager prerequisites

Firewall Manager quotas

AWS OFFICIALUpdated a year ago