DEV Community

kasukur
kasukur

Posted on • Updated on

Why is it important to remove root access key?

Principle of least privileges

IAM

Recently I was unable to launch EC2 instances using my own account. The error message I got was:

Launch Failed
This account is currently blocked and not recognized as a valid account. Please contact > aws-verification@amazon.com if you have questions.

Upon checking Stackoverflow, I came across this article.

The resolution suggested that I use 3 specific regions as per the welcome email. However this still didn't resolve my issue.

I then went to IAM console and noticed a security recommendation:

Before

IAM Before

Navigate to My Account > Security Credentials and then inactivate / remove the root access keys.

After

IAM After

Resolution

  • I raised a case using Support > Support Center at the top right of the AWS console.
  • They informed me that AWS support had put a temporary restriction which would be in place until I improved the security of my account.
  • Since I had completed the steps above and the security of my account was no longer an issue, they proceeded to unlock my account right away.
  • The resolution was prompt and I was very impressed with the support I received!

Summary

  • AWS are constantly monitoring and alerting users to keep their accounts safe.
  • As AWS recommends, one of the best practices is to use the "Principle of least privileges".

Discussion (0)