Root account access key exists

Description

The root account holds the highest level of privilege within an AWS account. AWS Access Keys facilitate programmatic access to the account.

It is recommended to revoke all access keys associated with the root account. Removing these access keys reduces potential attack vectors that could lead to account compromise. Furthermore, deactivating root access keys promotes the adoption of role-based accounts with the principle of least privilege, enhancing overall security posture.

Fix - Runtime

AWS Console

To delete or disable active root access keys being Via the AWS Console, follow these steps:

  1. Log in to the AWS Management Console as a Root user at https://console.aws.amazon.com/.
  2. Open the Amazon IAM console.
  3. At the top right of the page click Root_Account_Name, then from the drop down list select Security Credentials.
  4. On the pop out screen click Continue to Security Credentials.
  5. Click Access Keys: Access Key ID and Secret Access Key.
  6. Determine Active Keys, located under the Status column.
  7. To temporarily disable a Key, click Make Inactive.
  8. Click Delete.

🚧 Warning

Deleted keys cannot be recovered.

ReLambda