I had an AWS account for some time and was trying to learn how to use it. Of course I was using free tier for some time and then just stopped using AWS without even completely exhausting my free tier credits.
Then one day i got a mail -
Greetings from Amazon Web Services,
As you requested, your AWS account password has been updated.
To view or edit your account settings, please visit the “My Account” page at
https://console.aws.amazon.com/billing/home?#/account.
For help and support, visit the AWS Support Center at https://aws.amazon.com/contact-us.
Thank you for using Amazon Web Services.
Sincerely,
The Amazon Web Service Team
i never looked at that mail for months
then after few days another mail -
Hello,
Your AWS Account may have been inappropriately accessed by a third-party. Please review the following notice and take immediate action to secure your account.
We detected potentially unwanted activity in your AWS account. This activity is related to your AWS access key (some key) belonging to user root, which may indicate that this access key and the corresponding secret key are compromised.
To protect your account, we have temporarily limited your ability to use some AWS services.
To restore access, you must contact AWS by 2025-06-09 and follow the instructions below. If you do not contact AWS by 2025-06-09, we may suspend your account. We may terminate any suspicious resources on your account, and some resources may not be recoverable once terminated. Additionally, we recommend that as a security best practice you enable multi-factor authentication (MFA) to create an additional layer of protection for your account [1].
Follow the instructions below to secure and restore your account. For more detailed instructions, please refer to the “What do I do if I notice unauthorized activity in my AWS account?” user guide [2].
Step 1:
If your application uses the exposed access key, you need to replace the key. To replace the key, first create a second key (at that point both keys will be active). Then, modify your application to use the new key.
Next, disable (do not delete) the exposed key by clicking on the “Make inactive” option in the console. If there are any problems with your application, you can reactivate the exposed key. When your application is fully functional using the new key, please delete the exposed access key (some key)
yes i didnt contacted them, it was my mistake that i overlooked this .
then this mail -
Your Amazon Web Services Multi-Factor Authentication (MFA) Has Been Deactivated
then when i fillanly looked into my mails and account i didnt understood a thing and simply deleted my account but forgot to even look the bill, it wasnt much less than 1500INR and it was never deducted from my bank account
but my account was getting used by a third-party source without me authorizing it
I am not able to contact support regarding that account as it need signin and i cant sign-in after deleting my account.
so i thought the best part is to delete my account
can i make a new account for myself to learn and use aws in future without any obstruction ?
or am i bannned from making new account or blacklisted ?
