A startup's cloud team is growing from two engineers to twenty. Currently, everyone signs in using the same shared root user credentials to launch resources. What should the company do to align with AWS access management best practices?
- A. Continue sharing the root user credentials, but change the password every week
- B. Create individual IAM users for each engineer, organize them into IAM groups with appropriate policies, and reserve the root user for account-level tasks only Correct
- C. Give every engineer a copy of the root user's access keys so they can use the AWS CLI
- D. Disable the root user entirely so that no one, including AWS Support, can ever sign in with it
Why B is correct
AWS best practice is individual IAM identities with least-privilege permissions, managed at scale through groups — with the root user locked away for the rare account-level tasks that genuinely require it. Every action becomes traceable to a person, and no one carries more power than their job needs.
Why the others are incorrect
Rotating a shared root password weekly still leaves the account's most powerful credential shared and untraceable to any individual. Distributing root access keys multiplies the risk of those credentials leaking. And the root user cannot be disabled or deleted entirely — it can only be secured, since some account-level actions will always require it.