- Newest
- Most votes
- Most comments
Hi,
AWS account admin (=root in your message) is a different object than EC2 root user that you use when connecting via ssh to your instance
Look at https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-set-up.html#sign-up-for-aws : it is recommend to "forget" about your account full admin username.
Here is a list of the things that you must with full admin access: https://docs.aws.amazon.com/IAM/latest/UserGuide/root-user-tasks.html. All the rest should be done with different usernames.
So, you don't need to be account admin to become root on EC2: you just need to be authorized to download the private key of corresponding instance to become root.
This guide is very detailled regarding root usage: https://saturncloud.io/blog/understanding-amazon-ec2-root-login-a-guide/
Best,
Didier
I believe that you can still use your account, so your access, if root account is deleted, will not be compromised.
@Didier, we're using SSO login, is it okay to remove all root account? is there no any issues, if I don't retain any root account?
Relevant content
- Accepted Answerasked 5 years ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 2 years ago