AWS Security Blog

Upcoming improvements to your AWS sign-in experience

Starting in mid-2024, Amazon Web Services (AWS) will introduce a series of UI improvements to the AWS sign-in pages. Our primary focus is to revamp the UI, especially the root and AWS Identity and Access Management (IAM) user sign-in page and switch role page. With these design updates, we aim to facilitate smoother transitions and provide clearer access to essential sign-in features. In this blog post, we provide an overview of the upcoming changes.

Redesigned root and IAM user sign-in page

When you visit the updated sign-in page for the root and IAM users, you’ll experience a refreshed interface. We’ve provided clearer form labels, more detailed descriptions, and improved tooltip guidance to distinguish between user types. To address customer feedback, we’ve enhanced compatibility with password managers, offering a smoother auto-fill, and refined the layout for more intuitive navigation.

Note: Although you don’t need to take specific actions to benefit from these updates, if your setup depends on the current UI for automated tasks, you might notice some changes. For the most reliable and stable experience, use the AWS supported options to grant programmatic access to your users. For more information, review the programmatic access options in the documentation.

Figure 1: Root and IAM user sign-in page

Figure 1: Root and IAM user sign-in page

Additionally, to enhance the resilience of IAM user sign-ins, we will introduce improvements that allow the use of Regional endpoints for direct AWS Management Console sign-in within specific AWS Regions. This enhancement will be available ahead of the scheduled UI refresh. For example, the Regional endpoint for the console in the US West (Oregon) Region looks like this: https://us-west-2.console.aws.amazon.com. For a full list of the console Regional endpoints, see AWS Management Console endpoints and quotas.

To provide console access to people, we recommend that you use AWS IAM Identity Center. For more information, see the IAM Identity Center User Guide. However, when you enable programmatic access, you should create IAM users only if necessary for access keys or service-specific credentials. We recommend that you grant programmatic access through IAM roles or IAM Roles Anywhere.

Figure 2: IAM sign-in page

Figure 2: IAM sign-in page

Refreshed switch role page

To further improve the user experience, we are updating the switch role page to match the look and feel of other AWS pages, providing a consistent navigation experience.

Figure 3: Switch role page

Figure 3: Switch role page

Conclusion

We’re excited to introduce these improvements to the AWS sign-in experience, set to launch in mid-2024. We encourage users who rely on the current UI for automated tasks to familiarize themselves with the changes. By making sure that your systems and process are aligned with the new interface, you can help maintain a smooth transition.

If you have questions or feedback, start a new thread in IAM re:Post or reach out to AWS Support.

Want more AWS Security news? Follow us on Twitter.

Khaled Zaky

Khaled Zaky

Khaled is a Senior Product Manager – Technical at AWS, specializing in AWS Identity products with a focus on enhancing user authentication and security. With a passion for customer-centric, secure cloud solutions, he contributes to standards organizations such as W3C WebAuthn and FIDO Alliance. Outside of work, Khaled teaches product management and enjoys road cycling, Taekwondo, and DIY home renovations.