Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/
In the navigation pane, choose Users.
In the User Name list, choose the name of the intended MFA user, e.g. support
Choose the Security credentials tab.
Choose Manage next to Assigned MFA device. A popup windows as below will be prompted:
Select the option "Virtual MFA device", then click the Continue button
Click "Show QR code"
Keep the above popup window open, and do NOT click any button.
Then, follow the instruction below to program your SafeID token with the QR code
After you have successfully programmed the token with the QR code, you can return to the popup window.
Use the SafeID/Diamond token that you just programmed to generate 2 passcodes, then enter the passcodes in the above window in the MFA code 1 and MFA code 2 entries
Click the "Assign MFA" button.
If both the MFA code 1 and 2 are correct, then you have completed the setup