AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company is using AWS Identity and Access Management (IAM). Who can manage the access keys of the AWS account root user?
Real Exam
Community
RRitesh
A
IAM users in the same account that have been granted permission
B
IAM roles in any account that have been granted permission
C
IAM users and roles that have been granted permission
D
The AWS account owner
Explanation:
Explanation
Only the AWS account owner can manage the access keys of the AWS account root user. This is a critical security measure in AWS:
-
Root user credentials provide complete, unrestricted access to all AWS services and resources in the account
-
IAM users, roles, and policies cannot manage or modify root user credentials, even with administrative permissions
-
This separation ensures that the ultimate account ownership and control remains with the account owner
-
The root user should only be used for specific account-level tasks that cannot be performed by IAM users
Best Practice: Enable multi-factor authentication (MFA) for the root user and use IAM users for daily operations to enhance security.
Comments
Loading comments...