/
Root Account Activity

Root Account Activity

Owned by Solomon F Prophete
Oct 28, 2019
1 min read

Root accounts have a lot of power. They can access any AWS resource for an account with practically no restrictions. Given this, they should never be used after their initial inception from the account creation. In addition to their prevented usage, security maintenance should be performed. Multi-factor authentication is essential as an added protection. Along with MFA, access keys should be created, which consists of two values, an access key ID and a secret access key. These values are generated by AWS and rotation of the values every few months is critical to prevent misuse. More information can be found here:

 

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html

Related content

Login Bypassing SAML
Login Bypassing SAML
CUIT CyberSecurity
Read with this
High Volume/Denied API Activity
High Volume/Denied API Activity
CUIT CyberSecurity
More like this
Cloud Security Monitoring
Cloud Security Monitoring
CUIT CyberSecurity
Read with this
Short Lived Accounts
Short Lived Accounts
CUIT CyberSecurity
More like this
AWS Security Alerts
AWS Security Alerts
CUIT CyberSecurity
Read with this
IAM Policy Changes
IAM Policy Changes
CUIT CyberSecurity
More like this