It is a cool concept though.
Valid point. I will add HTTPS. Using your root credentials is a bad idea
However, you are able to create a user in AWS that has restricted permissions, and dispose of it after use. So like a TTL of 5 min if you choose. That is how the steps describe it.
Just kidding of course.