- Newest
- Most votes
- Most comments
Hello.
I tried resetting the root user's password by setting it up with my AWS account, but the email is only sent to the root user's email address.
Emails were not sent to the email address set using the steps in the document below.
https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-update-contact-alternate.html
We recommend configuring MFA for AWS root users.
From a technical standpoint I recommend setting up an EventBrige rule that captures Login Events for root user and then sending the json through a transformer with SNS to a relevant contact.
There's a post about something similar here: https://repost.aws/knowledge-center/root-user-account-eventbridge-rule
Enabling MFA for the root user will help to address this security concern -> https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa.html
I already have MFA setup, but I am understanding that can also be reset using the root email
Relevant content
- Accepted Answerasked 2 months ago
- asked 3 months ago
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
Thanks for the suggestion. Looks like a complicated way to do something quite simple but will take a look
Oh it's not complicated at all. The json transfromer is a personal suggestion so the email to you looks clean and human readable instead of json block text. You don't need to use CF at all to implement it. Just make an eventbridge rule for UserIdentity root for login events and have it send through SNS to your email (or security contact).
Ok, I just set it up, I agree its quite straightforward, thanks