En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Deactivate or delete access keys for root user

0

In the IAM console I see the message:

Deactivate or delete access keys for root user
Deactivate or delete the access keys for the root user. Instead, use access keys attached to an IAM user to improve security.

I'm concerned that if I do this I'll be unable to log into my account.

Sujets
Sécurité, identité et conformité
Balises
Gestion des identités et des accès AWS
Langue
English
rePost-User-3622937
demandé il y a 2 ans1508 vues
1 réponse
1

As a security best practice, it is not recommended for the root user to have an access key. Per the AWS documentation https://docs.aws.amazon.com/accounts/latest/reference/credentials-access-keys-best-practices.html,

One of the best ways to protect your account is to not have access keys for your AWS account root user. Unless you must have root user access keys (which is rare), it is best not to generate them. Instead, the recommended best practice is to create one or more AWS Identity and Access Management (IAM) users. Grant those IAM users the necessary permissions, and use them for everyday interaction with AWS.

You'll still have access to your AWS account by using an IAM user. And, if you really need to access the AWS console using your root user, you can still do so by using your root user credentials (email and password). As a security best practice as well, ensure that you have an MFA configured for your root user credentials.

profile picture
joahna
répondu il y a 2 ans
profile pictureAWS
EXPERT
kentrad
vérifié il y a 2 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents