AWS Security ChangesHomeSearch

AWS IAM documentation change

Service: IAM · 2025-04-03 · Documentation low

File: IAM/latest/UserGuide/root-user-best-practices.md

Summary

Consistently updated 'Organizations' to 'AWS Organizations' terminology throughout security best practices documentation

Security assessment

Changes are branding/terminology updates in existing security guidance. No new security features or vulnerability fixes introduced

Diff

diff --git a/IAM/latest/UserGuide/root-user-best-practices.md b/IAM/latest/UserGuide/root-user-best-practices.md
index c482c06f0..f397badb7 100644
--- a//IAM/latest/UserGuide/root-user-best-practices.md
+++ b//IAM/latest/UserGuide/root-user-best-practices.md
@@ -5 +5 @@
-Secure your root user credentials to prevent unauthorized useUse a strong root user password to help protect accessSecure your root user sign-in with multi-factor authentication (MFA)Don't create access keys for the root userUse multi-person approval for root user sign-in wherever possibleUse a group email address for root user credentialsRestrict access to account recovery mechanismsSecure your Organizations account root user credentialsMonitor access and usage
+Secure your root user credentials to prevent unauthorized useUse a strong root user password to help protect accessSecure your root user sign-in with multi-factor authentication (MFA)Don't create access keys for the root userUse multi-person approval for root user sign-in wherever possibleUse a group email address for root user credentialsRestrict access to account recovery mechanismsSecure your AWS Organizations account root user credentialsMonitor access and usage
@@ -11 +11 @@ When you first create an AWS account, you begin with a default set of credential
-For multiple AWS accounts managed through Organizations, we recommend removing root user credentials from member accounts to help prevent unauthorized use. You can remove the root user password, access keys, signing certificates, and deactivate and delete multi-factor authentication (MFA). Member accounts can't sign in to their root user or perform password recovery for their root user. For more information, see [Centrally manage root access for member accounts](./id_root-user.html#id_root-user-access-management).
+For multiple AWS accounts managed through AWS Organizations, we recommend removing root user credentials from member accounts to help prevent unauthorized use. You can remove the root user password, access keys, signing certificates, and deactivate and delete multi-factor authentication (MFA). Member accounts can't sign in to their root user or perform password recovery for their root user. For more information, see [Centrally manage root access for member accounts](./id_root-user.html#id_root-user-access-management).
@@ -26 +26 @@ With your administrative user, you can then create additional identities for use
-  * For multiple AWS accounts managed through Organizations, use IAM Identity Center workforce users. With IAM Identity Center, you can centrally manage users across your AWS accounts and permissions within those accounts. Manage your user identities with IAM Identity Center or from an external identity provider. For more information, see [What is AWS IAM Identity Center](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the _AWS IAM Identity Center User Guide_.
+  * For multiple AWS accounts managed through AWS Organizations, use IAM Identity Center workforce users. With IAM Identity Center, you can centrally manage users across your AWS accounts and permissions within those accounts. Manage your user identities with IAM Identity Center or from an external identity provider. For more information, see [What is AWS IAM Identity Center](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the _AWS IAM Identity Center User Guide_.
@@ -47 +47 @@ With your administrative user, you can then create additional identities for use
-  * Secure your Organizations account root user credentials
+  * Secure your AWS Organizations account root user credentials
@@ -119 +119 @@ No one person should have access to both the email inbox and phone number since
-## Secure your Organizations account root user credentials
+## Secure your AWS Organizations account root user credentials
@@ -121 +121 @@ No one person should have access to both the email inbox and phone number since
-As you move to a multi-account strategy with Organizations, each of your AWS accounts has its own root user credentials that you need to secure. The account you use to create your organization is the **management account** and the rest of the accounts in your organization are **member accounts**.
+As you move to a multi-account strategy with AWS Organizations, each of your AWS accounts has its own root user credentials that you need to secure. The account you use to create your organization is the **management account** and the rest of the accounts in your organization are **member accounts**.
@@ -129 +129 @@ AWS requires that you register MFA for the root user of your organization's mana
-If you use Organizations to manage multiple accounts, there are two strategies that you can take to secure root user access in your Organizations.
+If you use AWS Organizations to manage multiple accounts, there are two strategies that you can take to secure root user access in your AWS Organizations.
@@ -133 +133 @@ If you use Organizations to manage multiple accounts, there are two strategies t
-  * Secure root user credentials of your Organizations accounts with MFA to enhance account security. For more information, see [Multi-factor authentication for AWS account root user](./enable-mfa-for-root.html).
+  * Secure root user credentials of your AWS Organizations accounts with MFA to enhance account security. For more information, see [Multi-factor authentication for AWS account root user](./enable-mfa-for-root.html).
@@ -138 +138 @@ If you use Organizations to manage multiple accounts, there are two strategies t
-For details, see [Accessing member accounts in your organization](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html) in the _Organizations User Guide_.
+For details, see [Accessing member accounts in your organization](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html) in the _AWS Organizations User Guide_.
@@ -140 +140 @@ For details, see [Accessing member accounts in your organization](https://docs.a
-### Set preventative security controls in Organizations using a service control policy (SCP)
+### Set preventative security controls in AWS Organizations using a service control policy (SCP)