Associate Developer Flashcards

1
Q

IAM (Identity and Access management)

A

• Centralized Control (global, not region specific)
• Shared Access
• Granular Permissions
• Identity Federation (AD, Facebook, LinkedIn)
• Multifactor Authentication
• Temporary Access to users/devices/services
• Password Rotation Policy
• Integrates with many AWS Services
• Supports PCI DSS compliance

2
Q

IAM consists of?

A

Users, Groups, Roles, Policy Document

3
Q

Security Token Service (STS)

A

1. Federation (AD)
2. Federation with Mobile Apps
3. Cross Account Access

4
Q

Federation

A

Combining or joining a list of users (such as IAM) with a list of users in another domain (such as AD, Facebook, etc.)

5
Q

Federation (AD)

A

• Uses Security Assertion Markup Language (SAML)
• Grants temporary access based on the user's AD credentials; does not need to be a user in IAM
• Single Sign-On allows users to log into the AWS console without assigning IAM credentials

6
Q

Federation with Mobile Apps

A

• Use FB/Amazon/Google or other OpenID providers to log in

7
Q

Cross Account Access

A

• Lets users from one AWS account access resources in another

8
Q

Identity Broker

A

A service that allows you to take an identity from point A and join it (federate it) to point B

9
Q

Identity Store

A

Services like AD, Facebook, Google, etc.

10
Q

Identities

A

A user of a service like FB, etc.

11
Q

IAM STS setup steps

A

1. Develop an Identity Broker to communicate with LDAP and AWS STS
2. Identity Broker always authenticates with LDAP first, then with AWS STS
3. Application then gets temporary access to AWS resources
4. Application uses that IAM role to interact with S3

12
Q

AWS Sign-in URL Format

A

https://.signin.aws.amazon.com/oauth

13
Q

IAM Role

A

An IAM role is an IAM entity that defines a set of permissions for making AWS service requests. IAM roles are not associated with a specific user or group. Instead, trusted entities assume roles, such as IAM users, applications, or AWS services such as EC2.

14
Q

API call used to generate temporary security credentials

A

An AssumeRoleWithSAML API request is made to get temporary security credentials, and a sign-in URL is generated

15
Q

SAML

A

Security Assertion Markup Language

16
Q

API call for Web Identity Federation to get temporary security credentials

A

An AssumeRoleWithWebIdentity API request is made to generate a temporary security token

17
Q

AWS sign-in endpoint for SAML

A

https://signin.aws.amazon.com/saml