Secure root user access for member accounts in AWS Organizations
Security Blog
AWS introduces a new feature for centralized management of root user access across AWS Organizations, enabling security teams to control and manage root credentials in member accounts more effectively.
- Allows centralized monitoring, removal, and prevention of root credential recovery across member accounts
- Provides privileged root actions with short-term (15-minute) task-scoped root sessions
- Supports actions like unlocking S3 bucket and SQS queue policies without permanent root credentials
- Enables delegation of root access management to a dedicated security account
- Supports CLI and console management of root credentials
Key benefits include improved security posture, reduced management overhead, and simplified root credential management across an organization's AWS accounts.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Nov 15
2024
2024
Centrally managing root access for customers using AWS Organizations
Nov 15
2024
2024
Centrally manage root access in AWS Identity and Access Management (IAM)
Jun 7
2024
2024
Centrally manage member account root email addresses across your AWS Organization
Nov 13
2025
2025
Securely accessing external accounts with AWS IAM Identity Center
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.