Secure access is one of the most important considerations when designing any AWS architecture. You should define how users, tools, and applications interact with AWS services and the data hosted there. This includes, for example, who can create or terminate AWS resources, when access is granted to your AWS resources, and any interactions involving AWS service calls.

This includes the AWS Shared Responsibility Model, AWS global infrastructure, and the resilience of different AWS services. Securing access to AWS resources also requires knowledge of securing services in various cloud environments—public, private, hybrid, and multi-cloud.

AWS Root User

When you first create an AWS account, you begin with a single root user. This root user has unrestricted access to all resources and services in the AWS account. It is created using the email address and password you provided during the account setup process.

Why You Get the Root User:

Why You Should Not Continue to Use the Root AWS Account

While the root user is essential for initial setup, continuing to use it for daily operations poses significant security risks:

Securing the Root User

To mitigate the risks associated with the root user, implement the following best practices:

1. Enable Multi-Factor Authentication (MFA)

2. Limit Root User Usage

Server Academy Members Only

Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.

Sign In Get Instant Access