AWS Certified Cloud Practitioner — Question 158

A user is a new AWS account owner who has no special access requirements.

What should this user do with the AWS account root user access keys?

Answer options

• A. Share the keys with all relevant internal users so that those users can programmatically access AWS services.
• B. Post the keys on GitHub to provide development teams with access to AWS services.
• C. Use the keys for access, but do not share the keys with anyone.
• D. Delete the keys and create IAM users.

Correct answer: D

Explanation

The correct answer is D because AWS best practices recommend deleting the root user access keys to enhance security and creating IAM users with specific permissions. Options A, B, and C are incorrect as they involve sharing the root user keys, which poses significant security risks and goes against AWS guidelines.