Networking, Identity & Private Connectivity

Federating IAM Roles into the Claude Console

On Claude Platform on AWS there are no Claude Console usernames and passwords to manage. Console access is an IAM permission, and the sign-in is a federated redirect from the AWS Console.

Claude 3P 101 · Updated July 2026 · Unofficial guide

Signing up for Claude Platform on AWS provisions a new Anthropic organization tied to your AWS account, and that organization has a web UI: the Claude Console at platform.claude.com, where teams inspect usage, cost, workspaces, and resources like Files and Skills. But unlike a first-party Anthropic org, nobody in your company gets a Claude Console login. Access is federated through AWS IAM — your existing identity system decides who can enter, and users materialize on Anthropic's side only when they first walk through the door.

The flow, step by step

A user (or their SSO-assumed role) needs the IAM action aws-external-anthropic:AssumeConsole. With it, they open the Claude Platform on AWS page in the AWS Console and click "Open Claude Console." AWS issues a short-lived JWT — a signed token asserting the caller's AWS identity — and redirects the browser to platform.claude.com, where the token is exchanged for a Console session. No password, no separate MFA enrollment, no invitation email: the AWS Console session is the authentication, and everything your organization enforces in front of it (SSO, MFA, session policies) automatically fronts the Claude Console too.

On first sign-in, the user is provisioned just-in-time: an account is created in the Anthropic organization at that moment, marked with an "Account managed by AWS" indicator in the Console sidebar. There is no user list to pre-populate and, correspondingly, no Members page to manage — membership administration happens in AWS, by granting or revoking the IAM action. One quirk to know: the Console does not support organization switching for Claude Platform on AWS accounts. To work in a different org, sign out and re-enter through the AWS Console.

AssumeConsole is a route-less action — and not in most managed policies

AssumeConsole is what the IAM reference calls a route-less, authentication-layer action: it does not map to an API route and does not bind to a workspace ARN, so policies grant it with "Resource": "*". More importantly for rollouts, it is not included in the AnthropicReadOnlyAccess, AnthropicInferenceAccess, AnthropicLimitedAccess, or AnthropicSelfHostedEnvironmentAccess managed policies. Console access requires AnthropicFullAccess or an explicit custom grant — so if a teammate with read-only access reports the button doesn't work, that is by design, and the fix is a small custom policy statement granting aws-external-anthropic:AssumeConsole on *.

Admin vs. Developer: the second layer

Getting through the door is IAM's job; what you can do inside is a separate, Anthropic-side assignment. Two Console roles exist:

Console roleWhat it grants
AdminAll Console pages and settings
DeveloperRead access to usage, cost, rate limits, and workspaces

These roles are assigned by an Anthropic account representative — they are not derived from your IAM permissions, so a user with AnthropicFullAccess in AWS can still be a Developer inside the Console. Plan for that during onboarding: decide who needs Admin and communicate it to your Anthropic contact, rather than assuming IAM breadth translates.

A final subtlety for security reviewers: the Console's pages split into two access paths. Usage, Cost, Limits, and Workspaces read organization metadata directly from Anthropic and bypass IAM action checks; pages like Files, Skills, Batches, Agents, and Sessions go through the AWS gateway, where the signed-in identity's IAM actions govern exactly as they would for API calls. API keys, Members, and Billing pages are absent entirely — those functions live in AWS. So denying someone GetFile in IAM does restrict what they see in the Console's Files page, but it will not hide organization-level usage numbers from anyone who can sign in.

Rule of thumb: treat AssumeConsole like any other privileged IAM action — grant it to humans through your normal role-assignment process, keep it out of workload roles entirely (applications have no business in a web console), and remember revoking the IAM action closes the door for future sessions.

Where to go next

For the policy mechanics around route-less actions and workspace scoping, see the IAM actions reference and policy templates; for what the workspaces you'll see in the Console actually isolate, read workspace isolation.

Sources