AWS IAM Account Frozen

AWS has seen fit to freeze/block/lock my IAM account that I created from root. They think there was suspicious activity when there was none and have ignored my repeated requests to unblock my account. I have several weeks' worth of lab work created and performed under this account. I could delete this account from root and create another one. But my fear is that all of my work will be gone and I'll have to re-do several weeks' worth of SAA labs.

I read a link that says that if I delete the account, I'll lose the following:

The user

Any user group memberships—that is, the user is removed from any IAM user groups that the user was a member of

Any password associated with the user

Any access keys belonging to the user

All inline policies embedded in the user (policies that are applied to a user via user group permissions are not affected)

Is this all that I'll lose? My load balancers, instances, roles, policies, inbound/outbound rules will still be there and, if I create a new IAM user, I'll be able to access and use these items? I'd hate to lose access to these items and have to re-create weeks' worth of work just because some link didn't tell me the whole story.

Topics

Management & Governance

Tags

AWS Account Management

Language

English

AWS-User-1847871

asked 2 years ago208 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Yes, if you delete the user only those items you listed above will be deleted. Any resources created by that user will still exist, so you will not lose any created load balancers, instances or other provisioned infrastructure.

Stewart Wallace

answered 2 years ago

AWS-User-1847871
2 years ago
Thank you, I will go ahead and delete that account. Still, I wish AWS would leave my accounts alone and stop making unilateral decisions regarding my account and at least ask me what happened.
AWS-User-1847871
2 years ago
This is for the broader audience so that when people search, they'll see this.

With all due respect, what you told me was completely, utterly, 100% incorrect. You went off what the links say and what the test question likely says. I learned a long time ago that vendors' links say one thing, and the real app or device might and more often than not does behave in an entirely different way. I deleted the user account that AWS was blocking and created a new IAM user. Every single one of my security groups, LB's, instances, target groups, you name it, are 100% gone daddy gone. I am now faced with the idea that the last 6 weeks' worth of lab work has been completely erased. I have to now start all of my cert prep for SAA all over again. Please do not dispense of advice just because you read a link. Only dispense of advice when you are 100% sure because you tried it yourself in the wild. I now have to start all over again. I know you meant to help. But you clearly just read the link and never actually tried it. And I was pretty clear on the type of advice I was looking for.
AWS-User-1847871
2 years ago
To all others doing cert prep - The way this whole thing started with my IAM account being frozen is one or the other or both of the following:

Repeated auth failures bec AWS has way too many fields/hoops to jump through before you can logon and it doesn't play well at all with Chrome's autofill. You end up with a hodge podge of your root name and some other items to do with your IAM account.

Daring to ask for support on AWS. When you do that, it bumps out to some third party paid support that AWS obviously hired since it bumps out from THEIR support page. This is THEIR vendor. The tech and I - a 15 year veteran of AWS - couldn't for the life of us figure out why the instances were failing health check. They don't have screen share so, if you want them to see what you're doing, you have to allow access. I didn't see the harm, so I allowed it and he fixed it. AWS immediately flagged either this or the combination of the 2 as suspicious activity, blocked my IAM user account, and repeatedly ignored my requests to unblock it. AWS Support is a useless organization to do with these issues. They flagged their own vendor as suspicious activity and have never responded to any of my correspondence.

Do NOT use that third party vendor. If have problems, you are strictly, 100% on your own to figure it out.

Relevant content

My Account was Hacked
Tanish
asked 8 months ago
Suspicious Account Breach
rePost-User-8497268
asked 2 years ago
My account was suspended, but I need to change my payment method. My credit card has not activated long time ago.
Nazime Esin Senol
asked a year ago
How to I separate my AWS root user account from my amazon.com account
Accepted Answer
John
asked 4 months ago
How do I create an EventBridge event rule to notify me that my AWS root user account was used?
AWS OFFICIALUpdated 7 months ago
What do I do if I notice unauthorized activity in my AWS account?
AWS OFFICIALUpdated a year ago
Why can't I access an object that was uploaded to my Amazon S3 bucket by another AWS account?
AWS OFFICIALUpdated 2 years ago
Why was I charged by Amazon Web Services when I don't have an AWS account?
AWS OFFICIALUpdated a year ago
AWS Account Activation - Locating AWS Account ID and Troubleshooting Phone Verification Issues
EXPERT
dnyanesh-db
published 5 months ago
Why doesn't S3 respect the TLS settings in my IAM policy?
EXPERT
Brettski-AWS
published 2 years ago