In AWS an access key is required in order to sign requests that you make using the command-lineinterface (CLI), using the AWS SDKs, or using direct API calls. Anyone who has the access key for your root account has unrestricted access to all the resources in your account, including billinginformation. One of the best ways to protect your account is to not have an access key for your rootaccount. We recommend that unless you must have a root access key (this is very rare), that you donot generate one. Instead, AWS best practice is to create one or more AWS Identity and AccessManagement (IAM) users, give them the necessary permissions, and use IAM users for everydayinteraction with AWS. Reference: http://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html#root-Password