How to create an access key for the root user in AWS
Performing tasks with root user credentials opens AWS to potentially catastrophic security vulnerabilities. Creating and managing access keys mitigates the risk.
Image: marchmeena29, Getty Images/iStockphoto
Best practices for Amazon Web Services (AWS) dictate that you should not perform basic everyday tasks using the original root user credentials created when you first registered your AWS account. Root user credentials allow access to everything in your AWS system, without any restrictions, creating a potentially catastrophic security vulnerability.
Google Cloud Platform: An insider’s guide (free PDF)
How to get a job in cloud computing: 10 skills to master
How to get a free month trial of upgraded iCloud storage
Cloud computing policy (TechRepublic Premium)
One way to mitigate this risk is by creating an Identity and Access Management (IAM) user with administrative privileges. A second method for mitigating this security risk requires that you create new access keys for the root user and then delete the old access keys. Combing the generation of new access keys for the root user with the creation of administrative IAM users and groups is the most effective way to secure high-level AWS access.
This tutorial shows you how to generate new access keys for the root user using the AWS console. It also shows you how to delete the old access keys once new keys are generated.
SEE: Amazon Web Services: An insider’s guide (free PDF) (TechRepublic)
Create an access key for the root user in AWS
To create an access key for the AWS root user, you will first have to log in to the AWS system using the root user credentials. If you typically use an administrative IAM user as is best practice, you may have to click the appropriate link to reach the correct login screen.
At the AWS console (Figure A), click on your account name to reveal a dropdown menu and select the My Security Credentials item.