This is easy advice to a single DevOp who completely controls their own AWS account, but often there is a team of devs and ops with elevated access to the same AWS account and not all of them understand AWS IAM access control, so they put admin level keys in their code. This article gives advice for mitigating the risk of access key leakage.