Understanding the difference between AWS Root, Administrator & Power User?

The AWS Account Root User
When you first create an Amazon Web Services (AWS) account, you begin with a single sign-in identity that has complete access to all AWS services and resources in the account. This identity is called the AWS account root user and is accessed by signing in with the email address and password that you used to create the account.

Developer Power User
This is an IAM user by AWS managed policy name: PowerUserAccess. This provides full access to AWS services and resources, but does not allow management of Users and groups.This user performs application development tasks and can create and configure resources and services that support AWS aware application development.

Policy description: This policy grants all actions for all AWS services and for all resources except AWS Identity and Access Management and AWS Organizations. It grants IAM permissions to create a service-linked role. This is required by some services that must access resources in another service, such as an Amazon S3 bucket. It grants Organizations permissions to view information about the user’s organization, including the master account email and organization limitations.

Administrator
This is a IAM user by AWS managed policy name: AdministratorAccess. This user has full access and can delegate permissions to every service and resource in AWS.

Policy description: This policy grants all actions for all AWS services and for all resources in the account.

Rajesh Kumar
Follow me
Latest posts by Rajesh Kumar (see all)