Amazon Web Services account root user
Important
We strongly recommend that you don't use the root user for your everyday tasks. Safeguard your root user credentials and use them to perform the tasks that only the root user can perform. For the complete list of tasks that require you to sign in as the root user, see Tasks that require root user credentials.
When you first create an Amazon Web Services (Amazon) account, you begin with a single sign-in identity that has complete access to all Amazon services and resources in the account. This identity is called the Amazon account root user and is accessed by signing in with the email address and password that you used to create the account.
Important
In the Beijing and Ningxia Regions, there is no concept of a root user. All users are IAM users, including the user who created the Amazon account.
The following topics detail management tasks associated with the root user.
Tasks
- Securing the credentials for the root user
- Enable a virtual MFA device for your Amazon Web Services account root user (console)
- Enable a hardware TOTP token for the Amazon Web Services account root user (console)
- Enable a FIDO security key for the Amazon Web Services account root user (console)
- Change the password for the Amazon Web Services account root user
- Resetting a lost or forgotten root user password
- Creating access keys for the root user
- Deleting access keys for the root user
- Tasks that require root user credentials
- Troubleshooting issues with the root user
- Related information