[the_mitsuhiko]

Since there are certain operations that can only be done with the root account, there is no way to disable access to it.

[jhealy]

Since 2024 you can disable the root credentials on all accounts except the Organization management account: https://aws.amazon.com/blogs/aws/centrally-managing-root-acc...

I don't think the post mortem details whether the root access was on the org management account or an org member account.

[the_mitsuhiko]

Oh wow. I completely missed that change.