Using the AWS account root user

Important

Anyone who has root user credentials for your AWS account has unrestricted access to all the resources in your account, including billing information.

When you create an AWS account, you begin with one sign-in identity that has complete access to all AWS services and resources in the account. This identity is called the AWS account root user and is accessed by signing in with the email address and password that you used to create the account. We strongly recommend that you don't use the root user for your everyday tasks. Safeguard your root user credentials and use them to perform the tasks that only the root user can perform. For the complete list of tasks that require you to sign in as the root user, see Tasks that require root user credentials in the IAM User Guide.

To avoid using the root user for everyday tasks, learn how to set up an administrative user in AWS IAM Identity Center. For additional root user security recommendations, see Root user best practices for your AWS account.

You can change, or reset the root user password, and create, or delete access keys (access key IDs and secret access keys) for your root user. For help signing in using your root user, see Sign in to the AWS Management Console as the root user in the AWS Sign-In User Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Getting started: Are you a first-time AWS user?

Manage your account