AWS Identity and Access Management (IAM) | Additional Questions Flashcards
Can a user access the AWS accounts billing information?
Additional Questions
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
Yes, but only if you let them. In order for IAM users to access billing information, you must first grant access to the Account Activity or Usage Reports. See Controlling Access.
What happens if a user tries to access a service that has not yet been integrated with IAM?
Additional Questions
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
The service returns an “Access denied” error.
Are IAM actions logged for auditing purposes?
Additional Questions
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
Yes. You can log IAM actions, STS actions, and AWS Management Console sign-ins by activating AWS CloudTrail. To learn more about AWS logging, see AWS CloudTrail.
Is there any distinction between people and software agents as AWS entities?
Additional Questions
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
No, both of these entities are treated like users with security credentials and permissions. However, people are the only ones to use a password in the AWS Management Console.
Do users work with AWS Support Center and Trusted Advisor?
Additional Questions
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
Yes, IAM users have the ability to create and modify support cases as well as use Trusted Advisor.