Why AWS advises to not to create an access key for the root user?

How many access keys can an AWS account have at a time?

What are access keys and secret keys? What is the purpose of creating them?

What is the difference between VPC endpoint and NAT gateway?

Why the VPC endpoint is preferred over the NAT gateway for a private instance to access other AWS services?