Vikas Yandamuri
what is a power user ? How is a power user created ?
1 Answers
K.Scott Booth
Q1: What is a power user ? A1: Inside IAM there is a policy called PowerUserAccess. The description is "Provides full access to AWS services and resources, but does not allow management of Users and groups."
Q2: How is a power user created ? A2: You create a PowerUser the same as any other user, while creating the account add them to a group that has the PowerUserAccess Policy
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html AWS managed policy name: PowerUserAccess Use case: This user performs application development tasks and can create and configure resources and services that support AWS aware application development. Policy description: The first statement of this policy uses the NotAction element to allow all actions for all AWS services and for all resources except AWS Identity and Access Management and AWS Organizations. The second statement grants IAM permissions to create a service-linked role. This is required by some services that must access resources in another service, such as an Amazon S3 bucket. It also grants Organizations permissions to view information about the user’s organization, including the master account email and organization limitations.