AWS Organizations root sessions feature should be enabled

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Description

Enabling the AWS Organizations Root Sessions feature increases security by centralizing control and minimizing the attack surface associated with highly privileged root user credentials. This feature allows you to remove long-term root access keys for member accounts and instead grant temporary, time-bound, and task-scoped permissions for essential administrative actions. By doing so, you eliminate the risks of compromised root credentials and ensure that powerful permissions are only used when absolutely necessary and in a monitored, auditable manner.

Remediation

For guidance on enabling centralized root sessions, refer to the Centralize root access for member accounts section of the AWS Identity and Access Management User Guide