My Account was Hacked

0

Hello everyone. My account was currently hacked, its email address was changed, I got my account back, but there are some roles which have administrator access and they cannot be deleted.

I also tried revoking the sessions, but it throws an error saying 'Failed to revoke sessions. Cannot perform the operation on the protected role ';;;;' - this role is only modifiable by AWS'

Please help me with this issue.

  • From moderator: this is a duplicate of https://repost.aws/questions/QUSC73xHmPTWuprDtF5ME9ng/my-account-got-hacked which already has an accepted answer. Please do not repeat the same question.

  • This is not a duplicate question. I mentioned I have recovered my account now; my previous question mentions that I wasn't able to access the account due to an unauthorized change of the email address. This question revolves around some roles which I am not able to delete after I have recovered the account, but the account might still be compromised (I'm sorry, I don't have much knowledge about AWS).

Tanish
asked 8 months ago, 291 views
2 Answers
0

Hello.
Is it possible to access and delete an AWS account as root user?
If you can log in as the root user, you can operate any IAM resource in your account.
https://docs.aws.amazon.com/signin/latest/userguide/introduction-to-root-user-sign-in-tutorial.html

Also, although unrelated to resource deletion, if your AWS account has been hijacked, be sure to change the root user password.
Other MFA settings are also effective in improving security and should be set.
https://docs.aws.amazon.com/accounts/latest/reference/root-user-password.html
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable_virtual.html#enable-virt-mfa-for-root

It is also possible that the error is caused by an administrative IAM role managed by AWS.
For example, if your AWS account belongs to Organizations, etc. and you try to delete SSO admin IAM roles, etc., you will get such an error.
What IAM role are you trying to delete?

EXPERT
answered 8 months ago
  • Yes, there is an administrative SSO role I am trying to delete which is not getting deleted, service-linked roles too.

  • I believe that the IAM role of the SSO administrator cannot be deleted without removing the IAM role from Organizations membership. Could you please share the name of the IAM role you are trying to delete? Also, is your user a root user?

  • AWSReservedSSO_AdministratorAccess, AWSServiceRoleForOrganizations, AWSServiceRoleForSSO, AWSServiceRoleForSupport, AWSServiceRoleForTrustedAdvisor

    Yes, I am a root user.

  • Thanks for sharing. The IAM roles listed were created by AWS. Therefore, there is no need to delete them. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html

    A service-linked role is a type of service role that is linked to an AWS service. The service can assume the role to perform an action on your behalf. Service-linked roles appear in your AWS account and are owned by the service. An IAM administrator can view, but not edit the permissions for service-linked roles.

  • But the creation date of the first three roles is just after I got the mail that my email for AWS has been changed (account was hacked). Is this not alarming? Or is it still okay? (I am not an expert in AWS, just looking for your advice.)
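
A triage sketch for the situation discussed in this answer and its comments, added here as an example and not code from any poster or from AWS: it reads role records in the shape of `aws iam list-roles` output, separates AWS-protected roles (service-linked roles under `/aws-service-role/`, IAM Identity Center roles under `/aws-reserved/sso.amazonaws.com/`) from customer-managed ones, and marks which were created after the incident. The incident time, the sample records and `example-admin-role` are constructed assumptions.

```python
import json
from datetime import datetime, timezone

# Path prefixes IAM reserves for roles that only AWS itself can modify.
PROTECTED_PREFIXES = {
    "/aws-service-role/": "service-linked",
    "/aws-reserved/sso.amazonaws.com/": "identity-center",
}

# Constructed sample in the shape of `aws iam list-roles` output (not real data).
SAMPLE = json.dumps({"Roles": [
    {"RoleName": "AWSReservedSSO_AdministratorAccess",
     "Path": "/aws-reserved/sso.amazonaws.com/",
     "CreateDate": "2024-01-10T09:12:00+00:00"},
    {"RoleName": "AWSServiceRoleForOrganizations",
     "Path": "/aws-service-role/organizations.amazonaws.com/",
     "CreateDate": "2024-01-10T09:10:00Z"},
    {"RoleName": "AWSServiceRoleForSupport",
     "Path": "/aws-service-role/support.amazonaws.com/",
     "CreateDate": "2021-03-02T08:00:00+00:00"},
    {"RoleName": "example-admin-role",  # hypothetical customer-managed role
     "Path": "/", "CreateDate": "2024-01-10T09:20:00+00:00"},
]})
INCIDENT = datetime(2024, 1, 10, 9, 0, tzinfo=timezone.utc)  # constructed time

def triage_roles(list_roles_json, incident_time):
    """Classify each role by owner and flag those created after the incident."""
    findings = []
    for role in json.loads(list_roles_json)["Roles"]:
        owner = next((label for prefix, label in PROTECTED_PREFIXES.items()
                      if role["Path"].startswith(prefix)), "customer")
        # The CLI may emit either a "Z" suffix or an explicit UTC offset.
        created = datetime.fromisoformat(role["CreateDate"].replace("Z", "+00:00"))
        if created < incident_time:
            action = "predates incident"
        elif owner == "customer":
            action = "check trust policy and CloudTrail CreateRole event; removable in IAM"
        else:
            action = "cannot edit in IAM; review what enabled it in the owning service"
        findings.append({"role": role["RoleName"], "owner": owner, "action": action})
    return findings

if __name__ == "__main__":
    for f in triage_roles(SAMPLE, INCIDENT):
        print(f"{f['role']:40} {f['owner']:16} {f['action']}")
```

To run it against a real account, pass the output of `aws iam list-roles --output json` in place of `SAMPLE` and set `INCIDENT` to the time of the email-change notification.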

0

Hey everyone,

I'm in a bit of a pickle. My account was recently compromised, and though I've managed to regain access, there are a few roles that have been granted admin permissions, and I just can't seem to remove them. Each time I attempt to revoke the sessions, I'm met with an error that reads 'Failed to revoke sessions. Cannot perform the operation on the protected role ';;;;' - this role is only modifiable by AWS'.

Has anyone else faced something similar? I'd really appreciate any guidance or advice on how to resolve this.

https://docs.aws.amazon.com/accounts/latest/reference/root-user-password.html https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable_virtual.html#enable-virt-mfa-for-root

Thanks in advance, Farru.

answered 8 months ago
  • Hello.
    That error is an error that occurs when trying to delete an AWS-managed IAM role. What IAM role are you trying to delete?
