🔒 Why You Should Remove AWS Root Access Keys
Using access keys for the AWS root user is a huge security risk. The root account has unrestricted access to your entire AWS environment. If the root keys are compromised, so is your entire AWS account.
✅ AWS recommends never using the root account for everyday tasks. Instead, use IAM roles or users with fine-grained permissions.
🛠 Step-by-Step: Remove AWS Root Access Keys
✅ Prerequisites
- You must sign in as the root user (not an IAM user).
- You should already have an IAM user or role with admin permissions.
- Ensure no services or scripts are actively using the root key.
👣 Step 1: Sign in as Root
- Go to https://aws.amazon.com/
- Click "Sign In to the Console"
- Choose "Root user" and sign in with the root email + password.
- Complete MFA if it's enabled (highly recommended).
If you have keys you can see like this
👣 Step 2: Navigate to Security Credentials
- Click your account name at the top right.
- Select "Security credentials" from the dropdown.
👣 Step 3: Locate the Access Keys
- Scroll to the “Access keys” section.
- You will see a list of existing access keys.
- Keys may be in one of these states: Active, Inactive, or Deleted.
Select The Keys or All Keys to Delete
Click on Actions and First Deactivate it (if active).
Now Again Click Delete
👣 Step 4: Delete the Access Key(s)
- Click "Delete" next to each active/inactive key.
- Confirm the deletion when prompted.
After Successful Delete you can see like this
Now on Dashboard You can see like this
💡 Tip: If unsure whether a key is still in use, deactivate it first and observe if anything breaks. If not, proceed with deletion.
Top comments (0)