The administrator of an AWS account has left the company. How do I access this AWS account?
Last updated: 2020-06-22
A former member of my company or organization administered an AWS account. I need access to the company account that they administered, but I don’t have the credentials to sign in to the account.
To access an account as a root user, you need the email address and password associated with the account. To access the account as an AWS Identity and Access Management (IAM) user, you need the user name and password for that IAM user.
If your multi-factor authentication (MFA) device is lost or broken, and you are unable to retrieve the MFA token, see How do I remove a lost or broken MFA device from my AWS account?
The simplest way to get the credentials for the account is to ask the former administrator of the account.
If that's not possible, try the following:
- If the email address is associated with a corporate domain and you've either forgotten or misspelled the alias, it's a best practice that you contact your email administrator to discuss options that can help you gain access to the email address. Ask your email administrator if they can give you access to the email address, or pass along a password reset email for the account.
- You can also set up a catch-all account to help you retrieve emails sent to the email address, such as the password reset email from Amazon. A catch-all account is an email address that collects all emails addressed to your domain, including email addresses unknown to the server. A catch-all account is also used to catch and store emails addressed to misspelled recipients in a domain. After retrieving the password reset email, click the link in the email, and then reset the root password for the AWS account. After resetting the root password, sign in to the Account Settings page, and then update the email address on the account.
Note: The password reset email is sent from firstname.lastname@example.org if the account was created before August 28, 2017, or from email@example.com if the account was created after August 28, 2017.
- If you have root access to the account, but don't know the password for a particular IAM user, sign in as the root user, and then change the password.
Important: AWS Support can't change the root or IAM credentials on an account for any reason.