github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/iam/AVD-AWS-0141/Management_Console.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/iam/AVD-AWS-0141/Management_Console.md (about)

     1  1. Log into the AWS Management Console.
     2  2. Click on the AWS account name at the top on AWS management console and click on the "My Security Credentials" from the menu.</br><img src="/resources/aws/iam/root-access-keys/step2.png"/>
     3  3. On the "Your Security Credentials" page scroll down and click on the "Access keys (access key ID and secret access key)". Check the "Status" column under "Access Keys" and see if there are any "Active" keys in the root account. If there are one or more active keys than AWS account might get compromised against unauthorized access.</br><img src="/resources/aws/iam/root-access-keys/step3.png"/>
     4  4. Repeat steps number 2 and 3 for other AWS accounts.</br>
     5  5. Click on the "Access keys (access key ID and secret access key)" under "Your Security Credentials" page and select the "Access Key" which is "Active" under "Status" column.</br><img src="/resources/aws/iam/root-access-keys/step5.png"/>
     6  6. Click on the "Delete" option at the extreme right to delete the selected key.</br><img src="/resources/aws/iam/root-access-keys/step6.png"/>
     7  7. On the "Delete Access Key" tab click on the "Yes" button to delete the selected key.</br><img src="/resources/aws/iam/root-access-keys/step7.png"/>
     8  8. "Access Key" status will be changed to "Deleted" now. </br><img src="/resources/aws/iam/root-access-keys/step8.png"/>