AWS-IAM-Access-key-enabled-on-root-account
Severity: low
Description: This policy identifies root accounts for which access keys are enabled. Access keys are used to sign API requests to AWS. Root accounts have complete access to all your AWS services. If the access key for a root account is compromised, an unauthorized users will have complete access to your AWS account.
Remediation Steps:
Perform the following :
Sign in to the AWS Management Console as the root user https://console.aws.amazon.com.
Click root account name and on the top right select 'Security Credentials' from the dropdown.
For each key in 'Access Keys', click on "X" to delete the keys.
Reference:
Â
Blue Hexagon Proprietary