I have recently installed Amazon Linux on EC2 to run NodeJS applications.
It is recommended to run them as a non root user. This user will still be me so there is no concern that someone else will have access to vim, that's off the list.
I added a newuser and now newuser has the same sudo rights as root. So how is it safer now? Is it just because newuser will have to enter a password to run commands?
Because you can define a specific set of commands in /etc/sudoers that newuser is limited to running with elevated privileges. Ideally you find out what minimum commands are needed and limit it to that. Don't allow the account to sudo all commands as root if you can help it.
Next, you do not permit root to login via ssh. (/etc/ssh/sshd_config, set PermitRootLogin no). You always ssh login as yourself, not root, then just use sudo as needed.
If a malicious user got access to your login and you have unrestricted sudo access, you are correct: sudo access wouldn't provide any additional barrier compared to just using a root shell directly. (That's likely the first thing they would do with their sudo access anyway.)
However, if it's just you using it, using normal privileges except when you actually need root access can help prevent some unpleasant mistakes.
It's not a point of security; it's a point of accident prevention.
This has been discussed extensively elsewhere on this site:
Note: Setting up sudo in a corporate environment with access restricted to very specific commands is of course an actual security advantage. With my statement above I'm referring to personal computers, and answering the question: "Why is unrestricted sudo access preferable to using a root shell directly, even on a personal computer?" It's preferable because it prevents accidents.
