- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
With the creation of an AWS account, a root user is created that cannot be disabled or deleted. That user has unrestricted access to and control over all resources in the AWS account. It is highly recommended that the use of this account be avoided for everyday tasks.
The root user has unrestricted access to and control over all account resources. Use of it is inconsistent with the principles of least privilege and separation of duties, and can lead to unnecessary harm due to error or account compromise.
If you find that the root user account is being used for daily activity and administrative tasks that do not require the root user, remediate this by doing the following:
Additional Information: The root user for us-gov cloud regions is not enabled by default. However, on request AWS support can enable the root user and grant access only through access-keys (CLI, API methods) for us-gov cloud region. If the root user for us-gov cloud regions is enabled, this recommendation is applicable. Monitor usage of the root user by implementing recommendation 3.3 Ensure a log metric filter and alarm exist for usage of the root user.