IAM Flashcards
What is the best way to secure your root account? (3 items)
Enable MFA and never use it for day to day. Setup password policy rotation.
What are the steps to setup admins for your account?
Create an admin IAM group with appropriate permissions. Create admin IAM user accounts and assign to group
What is IAM?
Service to manage users and access
What is a root account?
Email used to create the AWS Account. Has full admin permissions.
What is a policy document written in?
JSON
What does a policy document consist of?
Allow, Effect, Resource
What is best practice to assign users permissions?
Add user to a group and assign policy to the group.
Is IAM Global or Regional?
Global
How do you assign permissions in AWS?
Using policy documents
What is an IAM group?
Grouped users, should be by job functions
What is an IAM role?
Allows one service to access another within AWS
By Default how much permissions does a user have?
User has no permissions by default
What is principle of least privilege?
Give a user the least amount of permission needed to do their job.
What do you need to do to SSO?
SAML with AD services for Identity Federation
What does programmatic access give you?
Access key and secret. Can view only once.
