In this blog post, I will show you how I give non-root AWS account access to AWS billing using the AWS management console.
By default, on the root AWS account has access to the AWS Billing console which allows viewing invoices and service usage.
To add non-AWS root users access to the Billing console we need to follow the process below.
To get started, I will let my non-root administrator account access to my AWS Billing console.
In order to do it, I will log in to the AWS Console using the root account.
From the Console, I will click on My Account
Under IAM Users and Role Access to Billing Information, I will tick the checkbox “Activate IAM Access” and click on Update.
From the Identity and Access Management (IAM) management console I will click on Policies.
Click on Create Policy
In the Create Policy page, Search for Billing on the service search box
For full access policy, I select “All actions“
Click on Review policy
In the Review Policy page, I will name the policy BillingFullAccess and click on Save
Now, I will attach the policy to my Administrators group which includes my non-root Administrator account.
Within the Policies page, I will search for the billing policy (BillingFullAccess).
From the BillingFullAccess page, I will click on the Policy usage page and click on Attach.
In Attach policy page, I will select Administrators (this can be changed and you can select a different group).
At this stage, the policy is in place and all the users that are part of the Administrators user group can access the Billing section.