Help Center/ Config/ User Guide/ Resource Compliance/ Built-In Policies/ Identity and Access Management/ The Root User Should Not Have Available Access Keys

Updated on 2025-08-25 GMT+08:00

View PDF

The Root User Should Not Have Available Access Keys

Rule Details

**Table 1** Rule details
Parameter	Description
Rule Name	iam-root-access-key-check
Identifier	iam-root-access-key-check
Description	If the root user access key is available, the account is non-compliant.
Tag	iam
Trigger Type	Periodic
Filter Type	Account
Rule Parameters	None

Application Scenarios

To enhance account security, you are advised to only use the password to log in to the console. Do not create access keys for your root user.

Solution

You can delete or disable access keys for the root user. For more details, see Managing Access Keys for an IAM User.

Rule Logic

If a root user does not have an enabled access key, the account is compliant.
If a root user has an enabled access key, the account is non-compliant.

Parent topic: Identity and Access Management

Previous topic: Custom Policies Do Not Allow All Actions for a Service

Next topic: Access Mode Check

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.