DEV Community

Mim Ahmed for AWS Community Builders

Posted on

πŸ” How to Remove Access Keys from Your AWS Root Account

πŸ”’ Why You Should Remove AWS Root Access Keys

Using access keys for the AWS root user is a huge security risk. The root account has unrestricted access to your entire AWS environment. If the root keys are compromised, so is your entire AWS account.

βœ… AWS recommends never using the root account for everyday tasks. Instead, use IAM roles or users with fine-grained permissions.


πŸ›  Step-by-Step: Remove AWS Root Access Keys

βœ… Prerequisites

  • You must sign in as the root user (not an IAM user).
  • You should already have an IAM user or role with admin permissions.
  • Ensure no services or scripts are actively using the root key.

πŸ‘£ Step 1: Sign in as Root

  • Go to https://aws.amazon.com/
  • Click "Sign In to the Console"
  • Choose "Root user" and sign in with the root email + password.

- Complete MFA if it's enabled (highly recommended).

If you have keys you can see like this

aws root console

πŸ‘£ Step 2: Navigate to Security Credentials

  • Click your account name at the top right.
  • Select "Security credentials" from the dropdown.

Security Credentials

πŸ‘£ Step 3: Locate the Access Keys

  • Scroll to the β€œAccess keys” section.
  • You will see a list of existing access keys.

- Keys may be in one of these states: Active, Inactive, or Deleted.

Select The Keys or All Keys to Delete

Locate the Access Keys

Click on Actions and First Deactivate it (if active).

Deactivate Keys

Now Again Click Delete

Delete Keys

πŸ‘£ Step 4: Delete the Access Key(s)

  • Click "Delete" next to each active/inactive key.
  • Confirm the deletion when prompted.

Delete Keys

After Successful Delete you can see like this

Successful Delete

Now on Dashboard You can see like this

Dashboard No Access Keys Root User

πŸ’‘ Tip: If unsure whether a key is still in use, deactivate it first and observe if anything breaks. If not, proceed with deletion.

Top comments (0)