![\"\"](\"https:\/\/www.devopsschool.com\/blog\/wp-content\/uploads\/2018\/11\/Understanding-AWS.png\")
<\/p>\n<\/p>\n
The AWS Account Root User<\/strong> Developer Power User<\/strong> Policy description: This policy grants all actions for all AWS services and for all resources except AWS Identity and Access Management and AWS Organizations. It grants IAM permissions to create a service-linked role. This is required by some services that must access resources in another service, such as an Amazon S3 bucket. It grants Organizations permissions to view information about the user’s organization, including the master account email and organization limitations.<\/p>\n Administrator<\/strong> Policy description: This policy grants all actions for all AWS services and for all resources in the account.<\/p>\n\n
\nWhen you first create an Amazon Web Services (AWS) account, you begin with a single sign-in identity that has complete access to all AWS services and resources in the account. This identity is called the AWS account root user and is accessed by signing in with the email address and password that you used to create the account.<\/p>\n
\nThis is an IAM user by AWS managed policy name: PowerUserAccess. This provides full access to AWS services and resources, but does not allow management of Users and groups.This user performs application development tasks and can create and configure resources and services that support AWS aware application development.<\/p>\n
\nThis is a IAM user by AWS managed policy name: AdministratorAccess. This user has full access and can delegate permissions to every service and resource in AWS.<\/p>\n