Manage AWS Account Permissions

Setup administrative access to the new account

When you create an account in your organization, in addition to the root user, AWS Organizations automatically creates an IAM role that is by default named OrganizationAccountAccessRole. This role has full administrative permissions in the member account. You can access the account by using the preconfigured role that exists in all new accounts that you create using AWS Organizations. See Accessing a member account that has a management account access role.

Grant admin access

To grant admin access to an AWS account you can use the IAM Identity Center to manage permissions using roles, groups and policies.

References

Create an AWS Account

Accessing and administering the member accounts in your organization

Accessing a member account that has a management account access role