IAM Flashcards
1
Q
IAM
A
- A root account is created by default and should not be used or shared
- Create users within your organization; users can be grouped together
- Groups contain only users, and a user can belong to multiple groups
2
Q
Users
A
- Mapped to a physical user; has a password for the AWS console
3
Q
Groups
A
Contain users only
4
Q
Policies
A
- JSON documents that outline permissions for users or groups
- IAM policy inheritance: will be inherited by a group, where people are
- An inline policy is attached to a user
5
Q
Roles
A
For EC2 instances or AWS services
- What is a proper definition of IAM Roles?
(An IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services)
6
Q
Security
A
MFA + Password policy
7
Q
IAM Password Policy
A
- Protects users and groups from being compromised
- Strong passwords - high security
- Set a password policy
- Allow IAM users to change their passwords
- Prevent password reuse
- Users change their password after 90 days or more
8
Q
Multi-factor authentication (MFA)
A
- Second layer of defense
- Increases your root account security
- Protects against malicious intent
- MFA = a password you know + a security device you own, such as a token or an app on your phone
- Protects the root account and IAM users
9
Q
How Can Users Access AWS?
A
- AWS Management Console
- AWS Command Line Interface (CLI)
- AWS Software Development Kit (SDK), for code
10
Q
AWS CLI
A
Manage your AWS services using the command line
11
Q
AWS SDK
A
Manage your AWS services using a programming language
12
Q
Access Keys
A
- Access AWS using the CLI or SDK
- Users have their own access keys
- DON'T SHARE access keys
13
Q
Audit
A
IAM credential reports & IAM Access Advisor
14
Q
Logging in to IAM
A
- For security, create an admin user account so you can log out of the root account
- The admin would have a policy called AdministratorAccess, to be an admin
15
Q
AWS CloudShell
A
- Region availability
- Alternative to the CLI terminal