VMware recommends that you minimize the use of master account credentials by creating an IAM role and instance profile with the minimum required EC2, VPC, and EBS credentials.
Additionally, VMware recommends that you follow AWS account security best practices such as disabling root keys, using multi-factor authentication on the root account, and using CloudTrail for auditing API actions.
For more Amazon-specific best practices, see the following topics in the AWS documentation:
