~ 2 min read

How to remove AWS Root user access keys

Having an access key for the Root user poses the risk of being misused or stolen, since this user has unrestricted access in the account. If your Root user also has access keys that you would like to remove, here is a step-by-step guide to do so.

AWS Root user has unrestricted access in the account. This user should only be used for those activities that require Root level access, like Billing or adding other AWS accounts to Organisations. For day-to-day activities in the account, users with required permissions must be created.

Having an access key for the Root user becomes a liability and poses the additional risk of being misused or stolen. If an attacker gains access to the root user access keys, they could take over the entire AWS account compromising every single piece of data, access to virtual machines or even the entire operations of the Organisation.

‍

Removing access keys for Root User

You can see a quick video of how this is done by following the steps in this video:

‍

‍

Following is the step-by-step guide to remove access keys for a Root User on AWS:

  1. Sign in to the AWS management console using the account root user credentials
  2. Click on the account name or number in the upper right corner and select Security Credentials from the drop down

‍

Removing access keys for Root User‍

  1. Select the Access Keys section

‍

Select the Access Keys section‍

  1. To delete the access key, select the radio button

‍

To delete the access key, select the radio button‍

  1. From the Actions dropdown, select Delete

‍

From the Actions dropdown, select Delete‍

  1. This will display a pop up. Click on Deactivate

‍

This will display a pop up. Click on Deactivate‍

  1. Provide the Access Key ID

‍

‍Provide the Access Key ID‍

  1. Click on Delete to remove the access key

‍

Click on Delete to remove the access key‍

***

‍

This article is brought to you by Kloudle Academy, a free e-resource compilation, created and curated by Kloudle. Kloudle is a cloud security management platform that uses the power of automation and simplifies human requirements in cloud security. Receive alerts for Academy by subscribing here.

;