---
title: Only one active access key should exist per user
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Only one active access key should exist
  per user
---

# Only one active access key should exist per user
 
## Description{% #description %}

Access keys are long-term credentials for an IAM user or the AWS account root user. They allow users to sign programmatic requests to the AWS CLI or AWS API. To enhance security, Datadog recommends that you limit users to a single active access key.

Not allowing multiple access keys for a user reduces the risk of misuse or unintended access, contributing to better management of AWS resources.

## Remediation{% #remediation %}

For instructions on managing and deactivating excess IAM access keys, refer to [Managing AWS Access Keys](https://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html).