Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Skip to main content

AWS Console Mobile Application

AWS Console Mobile Application FAQs

Page topics

Sign-in
2
General
15

Sign-in

Open all

The Console Mobile Application supports several authentication methods, including owner/root credentials, IAM user credentials, and federated login via AWS Single Sign-On, Microsoft Active Directory and third-party identity providers. An owner account is the AWS login that created the account. An IAM user is an identity that has been created by an administrator through the IAM service. Note that IAM users need to also provide their account alias, which can be found at the top of the Management Console sign-in screen. We recommend using either IAM user credentials or a federated role to log in to the Console Mobile Application.

For security reasons, we recommend that you secure your device with a passcode and that you follow an AWS best practice by creating and using an IAM user's credentials to sign in to the app. If you lose your device, an IAM user can be deactivated to prevent unauthorized access. Root accounts cannot be deactivated.

Click here to learn more about the different types of AWS security credentials.

You can setup biometrics authentication on supported iOS and Android devices running Console Mobile Application v2.0+.

General

Open all

The AWS Console Mobile App supports password managers that are integrated with the mobile operating systems maintained by Apple (iOS) and Google (Android). E.g., iCloud Passwords and Keychain, Google Chrome Password Manager, Samsung Pass, etc.

The AWS Console Mobile App supports all FIDO certified hardware authenticators (E.g., YubiKey) for MFA. Click here for a complete list of FIDO certified hardware authenticators.

The AWS Console Mobile App supports software authenticators such as Google Authenticator, Microsoft Authenticator, and LastPass Authenticator. Click here for a full list of supported software authenticators.

If your organization does not allow the use of password managers or auto-fill, then you will need to sign in to your AWS identity in the AWS Console Mobile App by entering your AWS identity’s password.

Yes, on iOS and Android V2.0+.

Download the Console Mobile Application from the Apple App Store, the Google Play Store, or the Amazon App Store.

iOS 14.0+ and Android 8.0+ are supported.

The Console Mobile application is optimized for iOS and Android mobile devices with a screen size < 7”, however it works on larger mobile screen sizes as well.

Yes, you can view your current usage charges in the Console Mobile Application. Simply visit your Billing Preferences page and select the checkbox to Receive Billing Alerts. In order to view usage charges, your identity must have permission to view CloudWatch.

Yes. We recommend using either a hardware MFA device or a virtual MFA on a separate mobile device for the greatest level of account protection.

Currently the only way to create resources from the mobile app is to do so through the AWS CloudShell service using the AWS Command Line Interface (AWS CLI). Otherwise, you can view and sometimes modify resources within the app's graphical user interface, however you cannot create resources through the graphical user interface.

You can use The Console Mobile Application to generate a pre-signed URL for an S3 object. A pre-signed URL grants time-limited permission to download the object. Read more about pre-signed URLs here.

In order to open a pre-signed URL for an S3 object in your device's browser, use the app to navigate to the S3 object's detail page and tap "View in browser". Your device configuration will determine what actions are possible with the object.

You can search and view all CloudWatch custom dashboards that your AWS identity has permissions to access. CloudWatch automatic dashboards are not yet supported in the AWS Console Mobile App.

We strongly recommend that in addition to using a password or biometric lock on your mobile device, you use an IAM user to manage AWS resources. If you lose your mobile device, you can remove the IAM user's access.

Yes. Click the Feedback button in the Console Mobile Application's menu. We’re eager to hear about your experience.