AWS Identity and Access Management (IAM) | Signing In Flashcards
Can I use the policy simulator programmatically?
Signing In
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
Yes. You can use the policy simulator using the AWS SDKs or AWS CLI in addition to the policy simulator console. Use the iam:SimulatePrincipalPolicy API to programmatically test your existing IAM policies. To test the effects of new or updated policies that are not yet attached to a user, group, or role, call the iam:SimulateCustomPolicy API.
How does an IAM user sign in?
Signing In
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
To sign in to the AWS Management Console as an IAM user, you must provide your account ID or account alias in addition to your user name and password. When your administrator created your IAM user in the console, they should have provided you with your user name and the URL to your account sign-in page. That URL includes your account ID or account alias.
https://My_AWS_Account_ID.signin.aws.amazon.com/console/
You can also sign in at the following general sign-in endpoint and type your account ID or account alias manually:
https://console.aws.amazon.com/
For convenience, the AWS sign-in page uses a browser cookie to remember the IAM user name and account information. The next time the user goes to any page in the AWS Management Console, the console uses the cookie to redirect the user to the account sign-in page.
Note: IAM users can still use the URL link provided to them by their administrator to sign in to the AWS Management Console.
What is an AWS account alias?
Signing In
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
The account alias is a name you define to make it more convenient to identify your account. You can create an alias using the IAM APIs, AWS Command Line Tools, or the IAM console. You can have one alias per AWS account.
Which AWS sites can IAM users access?
Signing In
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
IAM users can sign in to the following AWS sites:
AWS Management Console
AWS Forums
AWS Support Center
AWS Marketplace
Can IAM users sign in to other Amazon.com properties with their credentials?
Signing In
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
No. Users created with IAM are recognized only by AWS services and applications.
Is there an authentication API to verify IAM user sign-ins?
Signing In
AWS Identity and Access Management (IAM) | Security, Identity & Compliance
No. There is no programmatic way to verify user sign-ins.