Your company has just started using AWS and created an AWS account. They are aware of the potential issues when root access is enabled.
How can they best safeguard the account when it comes to root access? Choose 2 answers fro the options given below
A . Delete the root access account
B . Create an Admin IAM user with the necessary permissions
C . Change the password for the root account.
D . Delete the root access keys
Answer: B,D
Explanation:
The AWS Documentation mentions the following
All AWS accounts have root user credentials (that is, the credentials of the account owner). These credentials allow full access to all resources in the account. Because you cant restrict permissions for root user credentials, we recommend that you delete your root user access keys. Then create AWS Identity and Access Management (IAM) user credentials for everyday interaction with AWS.
Option A is incorrect since you cannot delete the root access account
Option C is partially correct but cannot be used as the ideal solution for safeguarding the account
For more information on root access vs admin IAM users, please refer to below URL:
https://docs.aws.amazon.com/eeneral/latest/er/root-vs-iam.html
The correct answers are: Create an Admin IAM user with the necessary permissions. Delete the root access keys Submit your Feedback/Queries to our Experts