Create custom policies that grant both view and full access permissions to the pages within the Billing and Cost Management console. For general information about IAM permission policies, see Managed Policies and Inline Policies.
To create IAM policies that grant permissions to billing data
- Sign in to the AWS Management Console as a user with administrator credentials. To adhere to IAM best practices, don’t sign in with your root user credentials. For more information, see Create individual IAM users.
- Open the IAM console at https://console.aws.amazon.com/iam/.
- In the navigation pane, choose Policies, and then choose Create policy.
- On the Visual editor tab, choose Choose a service to get started. Then choose Billing.
- Follow these steps to create two policies:Full access
- Choose Select actions and then select the check box next to All Actions (*). You do not need to select a resource or condition for this policy.
- Choose Review policy.
- On the Review page, next to Name, typeÂ
BillingFullAccess
, and then choose Create policy to save it.
Read-only access
- Repeat steps 3 and 4.
- Choose Select actions and then select the check box next to Read. You do not need to select a resource or condition for this policy.
- Choose Review policy.
- On the Review page, for Name, typeÂ
BillingViewAccess
. Then choose Create policy to save it.
To review descriptions for each of the permissions available in IAM policies that grant users access to the Billing and Cost Management console, see Billing Permissions Descriptions.