Skip to main content

Remediation

Perform the following to delete active root user access keys.

From Consoleโ€‹

  1. Sign in to the AWS Management Console as root and open the IAM console at https://console.aws.amazon.com/iam/.
  2. Click on <root_account> at the top right and select My Security Credentials from the drop-down list.
  3. On the pop-out screen, click Continue to Security Credentials.
  4. Click Access Keys (Access Key ID and Secret Access Key).
  5. If there are active keys, under Status, click Delete (Note: Deleted keys cannot be recovered).

Note: While a key can be made inactive, this inactive key will still show up in the CLI command from the audit procedure, and may lead to a key being falsely flagged as being non-compliant.