Guide to IAM

Question 1

It enables you to securely control access to AWS services
and resources for your users.

Answer 1

AWS Identity and Access Management (IAM)

Question 2

IAM consists of the following?

Answer 2

Users
Groups
Roles

Question 3

The _______________ is created when you first set up your AWS account. The account has complete admin access.

Answer 3

root account

Question 4

New users have _______________ when first created.

Answer 4

no permissions

Question 5

IAM is universal, not regional. True or False

Answer 5

True

Question 6

New Users are assigned _______________ when first created.

Answer 6

Access Key ID & Secret Access Keys

Question 7

Access key ID & Secret Access Key cannot use the to Login in to the AWS
Management Console, True or False

Answer 7

True

Question 8

You can use Access key ID & Secret Access to access AWS via the?

Answer 8

APIs and Command Line

Question 9

Viewing Access Keys

Answer 9

You only get to view Access key ID & Secret Access Key once. If
you lose them, you have to regenerate them. So, save them in a
secure location.

Question 10

Use MFA

Answer 10

Always setup Multifactor Authentication (MFA) on your root
account.

Question 11

Password Rotation

Answer 11

You can create and customize your own password rotation
policies.

Question 12

It allows users to authenticate with a web identity provider, like Google, Facebook, or Amazon.

Answer 12

Web Identity Federation

Question 13

An _______________ is exchanged for temporary AWS credentials, allowing users to assume an IAM role.

Answer 13

authentication token

Question 14

It is an Identity Broker which handles interaction between your applications and the Web ID provider.

Answer 14

Cognito

Question 15

Provides sign-up, sign-in and guest user access

Answer 15

Cognito

Question 16

Syncs user data for a seamless experience across your devices

Answer 16

Cognito

Question 16

It is the AWS-recommended approach for Web ID Federation

Answer 16

Cognito

Question 17

Cognito uses _______________ to manage user sign-up and sign-in directly, or via Web Identity Providers.

Answer 17

Cognito User Pools

Question 18

Cognito push synchronization uses SNS to ______________________ associated with a single user ID.

Answer 18

send a silent push

Question 19

It enable you to provide temporary AWS credentials.

Answer 19

Identity Pools

Question 20

Enabling access to AWS services like S3 or DynamoDB.

Answer 20

Identity Pools

Question 21

We can use a ______________________ to enable anonymous access to DynamoDB.

Answer 21

Cognito identity pool

Question 22

What is the 3 different types of IAM Policies?

Answer 22

Managed Policy
Customer Managed Policy
Inline Policy

Question 22

It is the type of IAM Policies that AWS-managed default policies.

Answer 22

Managed Policy

Question 23

It is the type of IAM Policies that managed by you.

Answer 23

Customer Managed Policy

Question 24

It is the type of IAM Policies that managed by you and embedded in a single user, group, or role.

Answer 24

Inline Policy

Question 25

In most cases, What IAM Policy AWS recommends using?

Answer 25

AWS recommends using Managed Policies over Inline Policies.