By default, IAM users will not be allowed to access the Billing dashboard. This is true even if the user has AdministratorAccess permission. If you use AWS as a non-root/owner account user, but require access to billing and payment, here’s how you can do it.
Create billing IAM policies
- Go to IAM: https://console.aws.amazon.com/iam/
- Select Policies > Create policy
- Choose a service > Enter “Billing”
- Check
All billing actions
- Review > name it “BillingFullAccess” > Create policy
Attach billing policy
You can attach billing policy to users or user groups. For simplicity, let’s assume we are applying it a user.
- Go to IAM: https://console.aws.amazon.com/iam/
- Select users > choose the user that you want to apply
- Select Add permissions > Attach existing policies directly
- Check
BillingFullAccess - Review > Add permission
Activating access to the AWS billing console
From AWS documentation,
By default, IAM users and roles within an AWS account can’t access the Billing console pages. This is true even if the IAM user or role has IAM policies that grant access to certain Billing features.
The last step is to enable this permission. To do so,
- Sign in as root/account owner
- Click on your username on the top right and select Account
- Scroll down to IAM User and Role Access to Billing Information
- Click Edit, check
Activate IAM Access - Update
And it’s done. You can now login as the IAM user and access the billing dashboard.