Course Fundamentals and AWS Accounts Flashcards

1
Q

AWS Account

A

An AWS Account is a container for identities (users) and resources

By default all access to an AWS Account & resources is denied except for the Account Root User

All external identities are denied by default but can be granted access

2
Q

AWS Multi-Factor Authentication (MFA)

A

Is a simple best practice that adds an extra layer of protection on top of your user name and password.

3
Q

Identity and Access Management

A

IAM is a globally resilient service, so any data is always secure across all AWS regions

  • IAM is what allows additional identities to be created within an AWS account - identities which can be given restricted levels of access.
  • No cost
  • Identity federation and MFA
4
Q

IAM Basics

A

IAM identities start with no permissions on an AWS Account, but can be granted permissions (almost) up to those held by the Account Root User.

It’s always best practice to give only the permissions required to do a job or perform a task; this is called Least Privileged Access.

5
Q

IAM lets you create three different types..

A
  • IAM User: Identities which represent humans or applications that need access to your account. (when you can identify the individual thing that will log in with that user, so if it’s an individual person or individual application, then generally you’ll use users.)
  • IAM Groups: Collection of related users
  • IAM Roles: Can be used by AWS Services, or for granting external access to your account. Roles tend to get used when the number of things is uncertain, so if you want to grant users of external accounts access to say a simple storage service bucket, or an uncertain number of EC2 instances access to certain services in your account, or allow AWS services themselves to interact on your behalf, then you’ll generally use a role.
6
Q

IAM Policy

A

IAM lets you create policies, which are essentially objects or documents that can be used to allow or deny access to AWS services, but only when they’re attached to IAM Users, Groups, or Roles.

7
Q

IAM has 3 main jobs..

A
  • Manages Identities - An ID Provider (IDP)
  • Authenticates Identities: Prove you are who you claim to be
  • Authorizes Identities: Allow or deny access to resources
8
Q

Account Root User

A

It’s not possible to restrict the Account Root User; you can’t delete it or recreate it, and we should almost NEVER use it.

9
Q

Access Keys

A

Are long-term credentials available within AWS and are used by IAM users

  • Access keys are formed from two parts, Access Key ID and Secret Access Key (There’s no ability to get access again)
  • An IAM user can have two access keys (no more)
  • Access keys can be created, deleted, made inactive or made active (default)
10
Q

Commands with AWS CLI

A
  • aws --version = to see the CLI version that you installed
  • aws configure --profile USER-NAME = to configure a profile that will have access keys
  • aws s3 ls --profile USER-NAME = to see if the profile has any S3 buckets created