Exam AWS Certified Cloud Practitioner topic 1 question 352 discussion

Answer: D https://docs.aws.amazon.com/accounts/latest/reference/best-practices-root-user.html If you do have an access key for your root user, delete it. Create an administrative user in AWS IAM Identity

D. Delete the keys and create IAM users. The AWS account root user is the user that was created when the AWS account was created. It has full access to all AWS services and resources in the account. It's a best practice to not use the root user access keys for everyday access to AWS services and to instead create IAM users with only the necessary permissions. Additionally, it's important to avoid sharing the root user access keys, as doing so would provide anyone with access to all resources in the account. The best practice is to delete the keys and create IAM users with appropriate permissions.

a message for the freaks that want to post chatgpt'ed answers just keep in mind ai can lie to you just verify facts by yourself

Answer is D https://securingthe.cloud/2020/how-to-secure-aws-account-root-user-best-practices/

la D la descarto porque el usuario raiz no tiene que borrar sus contraseñas. si no guardarlas y crear diferentes usuarios. la C tiene mas logica porque si necesitas acceder con las claves de usiario raiz las guardas pero no las compartes.

D , chatGPT supports this answer!

AWS recommends not using the AWS account root user for routine tasks and instead creating IAM (Identity and Access Management) users for more secure and controlled access to AWS services. The AWS account root user has access to all resources in the account and should be used only for account management tasks that cannot be performed by IAM users. To ensure security best practices and the principle of least privilege, the AWS account root user's access keys should be deleted and replaced with IAM users. IAM users allow you to define specific permissions and access levels for different individuals or applications within your organization, reducing the risk of unauthorized access or accidental misuse.

chatgpt answer: The correct answer is D. Delete the keys and create IAM users. As a best practice, AWS recommends not using the root user for everyday tasks or granting long-term access keys to the root user. The root user has unrestricted access to all resources in the AWS account, making it a security risk if the access keys were to fall into the wrong hands. Instead, it is advisable to create Individual IAM (Identity and Access Management) users for different users who require access to the AWS account. By creating IAM users, you can assign specific permissions to each user based on their role and responsibilities. IAM users provide better security controls, allowing you to grant only the necessary permissions to perform their tasks. In summary, you should delete the root user access keys and create IAM users with appropriate permissions for each user who needs to access AWS services. This ensures better security and access control for your AWS resources.

Answer D. https://docs.aws.amazon.com/accounts/latest/reference/best-practices-root-user.html

https://docs.aws.amazon.com/accounts/latest/reference/best-practices-root-user.html

The recommended best practice is D. Delete the keys and create IAM users. The AWS account root user has unrestricted access to all resources in the account, which makes it a security risk to use the root user access keys for day-to-day operations. Creating IAM users is a best practice to provide appropriate levels of access to AWS services while maintaining security and accountability. By creating an IAM user, the new AWS account owner can assign permissions and access keys to the IAM user based on their specific needs. This allows the account owner to grant only the necessary permissions to each user and monitor their usage of the AWS services.

delete the keys and create IAM

D. Delete the keys and create IAM users.

Deleting the root user access keys is an important security best practice because it reduces the risk of unauthorized access to your AWS resources. It is recommended to only use the root user account to create the first IAM user account and then disable or remove the root user access keys.

Should be C

D is the answer.

I see Answer D makes more sense, this question proves that the Admin who selected B are not responsible for his low knowledge of the topic. It's clearly not B and the admin should update the answer.