Centralizing AWS Root access for AWS Organizations customers
Security teams will be able to centrally manage AWS root access for member accounts in AWS Organizations with a new feature being introduced by AWS IAM
The root user, who has full access to all AWS resources and services, is the first identity formed when you create an account with Amazon Web Services (AWS)
odifying or removing an Amazon SQS resource policy that rejects all principals is known as “unlocking a SQS queue policy
With the exception of AWS GovCloud and AWS China Regions, which do not have root accounts, all AWS Regions offer free central management of root access
Task-scoped root access: In accordance with the best practices of least privilege, AWS permits temporary AWS root access for particular actions
Centralized management: Instead of logging into each member account separately, you may now execute privileged root operations from a central account
Security teams can concentrate on higher-level activities as a result of the process being streamlined and their operational burden being lessened