- Newest
- Most votes
- Most comments
The issue you're experiencing with access to billing details is a common one, even after being granted permissions by an administrator. There are a few key steps that need to be taken to ensure IAM users can access billing information:
-
Activate IAM user access to billing information: By default, even if IAM users are granted billing-related permissions, they cannot view billing information. The AWS account root user needs to explicitly activate this feature.
-
Ensure proper IAM policies are attached: The administrator (in this case, Pablo) needs to attach the appropriate IAM policies to your user or to a group you're a member of. These policies should include permissions for viewing and accessing billing information.
-
Verify the policies: Make sure the policies attached to your IAM user or group include the necessary permissions for accessing the Billing and Cost Management console.
-
Wait for data preparation: Sometimes, when you first access the Billing and Cost Management console, AWS needs time to prepare your cost and usage data. This process can take up to 24 hours.
To resolve this issue, I recommend the following steps:
-
Ask Pablo (as the root user) to verify that IAM user access to billing information has been activated for the account.
-
Have Pablo review the IAM policies attached to your user or group to ensure they include the necessary permissions for billing access.
-
If the above steps have been completed correctly, try logging out and logging back in to refresh your session.
-
If you're still unable to access the billing information after 24 hours, it may be worth contacting AWS support for further assistance.
Remember, granting access to billing information is a two-step process: activating IAM access for billing and attaching the appropriate IAM policies. Both steps are necessary for IAM users to view and manage billing information.
Sources
Troubleshooting AWS Billing identity and access - AWS Billing
Billing: Access Denied | AWS re:Post
Overview of managing access permissions - AWS Billing
There is an AWS-managed policy for the Billing job function which sounds like what you need https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html#jf_accounts-payable
Get this policy attached to your user, either directly in IAM or as a Permission Set in IAM Access Analyser.
If the AWS account is part of AWS Organisations then check to see that any billing:
actions are not restricted for users of the account.
Already attached but still doing nothing. Apparently the problem was that my boss didn't go through the feature list to enable IAM access to billing information to begin with. He did that this morning; will check this when I get home this afternoon.
Relevant content
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 2 months ago
I suggest removing your boss's name and the name of the organisation you work for. It doesn't add any value to your question, and it could have negative consequences further down the line.