AWScloud~30 mins

Root user vs IAM user in AWS - Hands-On Comparison

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Root user vs IAM user

📖 Scenario: You are setting up an AWS account for your small business. You want to understand the difference between the root user and IAM users to keep your account secure.

🎯 Goal: Create an AWS IAM user with limited permissions and compare it with the root user access.

📋 What You'll Learn

Create a variable called root_user representing the root user with full access

Create a dictionary called iam_users with two IAM users and their permission levels

Write a function called check_access that takes a username and returns their access level

Add a final statement that shows the access level of the root user and one IAM user

💡 Why This Matters

🌍 Real World

Understanding root and IAM users helps keep AWS accounts secure by limiting access.

💼 Career

Cloud engineers and administrators must manage user permissions carefully to protect resources.

Progress0 / 4 steps

Create root user and IAM users data

Create a variable called root_user with the value 'full_access'. Then create a dictionary called iam_users with these exact entries: 'alice': 'read_only' and 'bob': 'write_access'.

AWS

# Your code here

Need a hint?

Think of root_user as the main account with all permissions. IAM users have specific permissions.

Add a function to check user access

Write a function called check_access that takes a parameter username. If username is 'root', return the value of root_user. Otherwise, return the permission level from iam_users for that username.

AWS

root_user = 'full_access'
iam_users = {'alice': 'read_only', 'bob': 'write_access'}
# Your code here

Need a hint?

Use an if statement to check if the username is 'root'. Use iam_users.get() to safely get permissions for IAM users.

Use the function to get access levels

Create a variable called root_access and set it to the result of calling check_access with 'root'. Then create a variable called alice_access and set it to the result of calling check_access with 'alice'.

AWS

root_user = 'full_access'
iam_users = {'alice': 'read_only', 'bob': 'write_access'}
def check_access(username):
    if username == 'root':
        return root_user
    else:
        return iam_users.get(username, 'no_access')
# Your code here

Need a hint?

Call the function check_access with the usernames 'root' and 'alice' and save the results.

Add a final statement to show access levels

Create a dictionary called access_summary with keys 'root' and 'alice' and their corresponding access levels from root_access and alice_access.

AWS

root_user = 'full_access'
iam_users = {'alice': 'read_only', 'bob': 'write_access'}
def check_access(username):
    if username == 'root':
        return root_user
    else:
        return iam_users.get(username, 'no_access')

root_access = check_access('root')
alice_access = check_access('alice')
# Your code here

Need a hint?

Use a dictionary to summarize the access levels for 'root' and 'alice'.