Still referencing Best Practices for Managing AWS Access Keys, best practices recommends that root access keys are never used and should be completely removed from your AWS account. Instead, IAM users with limited permissions should be used.
In fact, Skeddly even prevents root access keys from being registered with Skeddly. We always recommend using IAM third-party roles, however, access keys can still be used. And we only allow IAM user access keys to be registered.
Today, we’re happy to announce a new action to monitor for root access keys: Check Root Access Keys.
This new action will check your AWS account’s summary information for the number of root access keys. If root access keys were found, an email can be sent reporting the number of root access keys.
Side note: Our original intention was for this action to delete the root access keys, but due to AWS security, IAM roles and users cannot do that. So the best we can do is report their existance.
Full pricing information for this new action is available on our pricing page.