Root User

Question 1

Root User

Answer 1

• Root user ACCESS KEY = (an access key ID and secret access key)
• Access keys can be made Inactive and regenerated
• ACCESS KEY ( 20 Characters) SECRET KEY ( 40 Characters)
• Used with Programmatic access or SDKs , will need these values to sign the REST calls to the services
• You cannot restrict the permissions associated with your “AWS account” access key. (i.e, It is not possible to restrict the permissions that are granted to the root account.)
• You use an access key (an ACCESS KEY ID and SECRET KEY access key) to make programmatic requests to AWS. Do not use your AWS account root user access key
• Best Practice: Rotate the keys. To allow for this IAM facilitates the use of 2 active keys at a time ; Keys can be rotated via the console cli sdks when rotating keys disable key first instead of deleting is critical as allows for rollback

Question 2

Root User : Best practice

Answer 2

• Rotate the keys, to allow for this IAM facilitates the use of 2 active keys at a time ; Keys can be rotated via the console cli sdks when rotating keys disable key first instead of deleting is critical as allows for rollback

Question 3

Root & AWS Account >> Main Properties

Answer 3

• Email used to register is the root account
• It is not possible to restrict the permissions that are granted to the root account.
• IAM users are not separate accounts; they are users within your account
• By default, only the AWS account owner (root account) has access to view and manage billing information
• AWS account are single accounts
• IAM manages access level to AWS console ;

IAM s globally universally available & an eventually consistent service