Background + IAM Flashcards

1
Q

Problems with traditional IT approach

A

Pay for the rent for the data center
• Pay for power supply, cooling, maintenance
• Adding and replacing hardware takes time
• Scaling is limited
• Hire 24/7 team to monitor the infrastructure
• How to deal with disasters?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is cloud computing

A
  • on-demand delivery of resources
  • pay-as-you-go pricing
  • provision the right type and size of resources
  • access almost instantly
  • Simple way to access resources
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are cloud deployment models?

A
  • Private Cloud
  • Public Cloud
  • Hybrid Cloud
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the characteristics/advantages of cloud computing?

A
  • On-demand self service
  • Trade capex for opex / variable expense
  • Broad network access
  • Multi-tenancy and resource pooling
  • Rapid elasticity and scalability
  • Stop maintaining data centers
  • Measured service / Pay as you go for what you use
  • Go global in minutes
  • High availability and fault tolerance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the types of cloud computing

A

Infrastructure as a service
Platform as a service
Software as a service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are AWS pricing fundamentals?

A
  • Compute time
  • Storage used
  • Data transferred out (Data in is free)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

AWS Global Infrastructure

A
  • Regions (cluster of data centers, 2 or more AZs)
  • Availability Zones (one or more discrete data centers)
  • Data Centers
  • Edge Presence
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is IAM?

A

Identity and Access Management

  • Root account
  • User
  • Groups
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Descrine IAM Permissions

A
  • Assigned in JSON document
  • define the permissions
  • use the least privilege principle
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

IAM - Password policy

A
  • Setup your own policy

- pw requirements (length, chars, expiration)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

AWS MFA

A
  • Prevents use of stolen pw/credentials
  • Virtual MFA: Google Authenticator / Authy phone apps
  • Universal 2nd Factor (U2F): YubiKey (USB Device)
  • Hardware Key FOBs
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How is AWS accessed

A
  • Management console
  • Command line interface
  • Software development kit
  • AWS Cloudshell - cloud cli in AWS
    Each uses access keys
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

IAM Roles for services

A
  • some services perform actions on your behalf

- must assign permissions to these services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

IAM Montoring Reports

A
  • IAM Credentials Report (overall account view)

- IAM Access Advisor (user view)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly