Skip to content

AWS Console Access

This guide walks you through signing in to the AWS Management Console using your Synderys single sign-on credentials.

Before You Begin

You will need:

  • Your Synderys username and password
  • Your enrolled MFA device (authenticator app or security key)
  • Membership in at least one AWS access group (your administrator sets this up during onboarding)

Sign-In Steps

  1. Open your web browser and navigate to https://aws.synderys.com.

  2. You will be redirected to the Authentik login page. Enter your username and password, then click Sign In.

  3. Complete the MFA challenge using your authenticator app or security key.

  4. After authentication, you will see the AWS SSO Portal — a page listing your available AWS accounts and roles.

  5. Click on an account name to expand it and see the roles available to you.

  6. Click on a role name (such as ReadOnly or DNSAdmin) to open the AWS Console for that account.

What to expect

After clicking a role, the AWS Console opens in a new view. You are now working inside that specific AWS account with the permissions granted by that role. Your name and current role appear in the top-right corner of the console.

Available Accounts

Account Purpose
synderys-management Billing and organization settings
synderys-security Audit logs and security monitoring
synderys-workload DNS management, encryption keys, and production workloads

Which accounts and roles you see depends on your group membership. See Available Roles for a full breakdown.

Session Duration

Your AWS session lasts 4 hours. After that, you will be redirected to re-authenticate. To start a new session, navigate back to https://aws.synderys.com and sign in again.

You can switch between accounts and roles at any time by returning to the SSO portal.

Getting CLI Credentials

If you need command-line access, click Command line or programmatic access next to any role in the SSO portal. See CLI Access for detailed instructions.

Troubleshooting FAQ

Q: I signed in but I do not see any AWS accounts listed. : Your Authentik account may not be assigned to any AWS access group. Contact IT to verify your group membership.

Q: I see "Access Denied" when I try to perform an action in the console. : Your current role may not have permission for that action. Check which role you are using in the top-right corner of the console. If you need additional permissions, contact IT.

Q: My session expired unexpectedly. : AWS sessions last 4 hours. Return to https://aws.synderys.com and re-authenticate.

Q: I get a "User not found" error after signing in to Authentik. : Your Authentik email address must match your AWS identity exactly. Contact IT to verify the addresses match in both systems.

Q: The SSO portal loads but shows an error page. : Clear your browser cache and cookies, then try again. If the problem persists, try a private/incognito window or contact IT.