Substrate documentation
2023.03
Source & Binary
Search
⌃K
Links

Deleting unnecessary root access keys

Once you have credentials from the Credential Factory or are logged into an EC2 instance from the Instance Factory, verify that you can run substrate assume-role -management. If so, you can finally delete your root and OrganizationAdministrator access keys. They're simply security liabilities. Let's delete them:
  1. 1.
    Run substrate delete-static-access-keys to delete access keys for the OrganizationAdministrator IAM user in your management account
  2. 2.
    Visit https://console.aws.amazon.com/iam/home#/security_credentials while signed in using the root email address, password, and second factor on your management account
  3. 3.
    Scroll to the Access keys section
  4. 4.
    Select your root access key
  5. 5.
    Click Actions
  6. 6.
    Click Delete
  7. 7.
    Click Deactivate
  8. 8.
    Paste the access key ID into the confirmation prompt
  9. 9.
    Click Delete
From now on, the Credential and Instance Factories are how you access your organization via the command line.
Previous
Integrating your Okta identity provider
Next - Bootstrapping your Substrate-managed AWS organization
Integrating your original AWS account(s)
Last modified 26d ago