Delete access keys for the root user
You can use the Amazon Web Services Management Console, the Amazon CLI or the Amazon API to delete the root user access keys.
- Amazon Web Services Management Console
-
To delete an access key for the root user
Minimum permissions
To perform the following steps, you must have at least the following IAM permissions:
-
You must sign in as the Amazon Web Services account root user, which requires no additional Amazon Identity and Access Management (IAM) permissions. You can't perform these steps as an IAM user or role.
Open the Amazon Management Console
and sign in using your root user credentials. For instructions, see Sign in to the Amazon Web Services Management Console as the root user in the Amazon Sign-In User Guide.
-
In the upper right corner of the console, choose your account name or number and then choose Security Credentials.
-
In the Access keys section, select the access key that you want to delete, and then, under Actions, choose Delete.
Note
Alternatively, you can Deactivate an access key, instead of permanently deleting it. This way you can resume using it in the future without having to change either the key ID or secret key. While the key is inactive, any attempts to use it in requests to the Amazon API fail with the error
access denied
. -
On the Delete <access key ID> dialog box, choose Deactivate, enter the access key ID to confirm you want to delete it, and then choose Delete.
-
- Amazon CLI & SDKs
-
To delete an access key for the root user
Minimum permissions
To perform the following steps, you must have at least the following IAM permissions:
-
You must sign in as the Amazon Web Services account root user, which requires no additional Amazon Identity and Access Management (IAM) permissions. You can't perform these steps as an IAM user or role.
-
Amazon CLI: aws iam delete-access-key
$
aws iam delete-access-key \ --access-key-id AKIAIOSFODNN7EXAMPLEThis command produces no output when successful.
-
Amazon API: DeleteAccessKey
-