IAM Flashcards
IAM
IAM
Identity and Access Management
Create user accounts and control access
IAM
Root User best practice
IAM
Use only for managing IAM
IAM
Federation
IAM
Supports AD or SAML integration
IAM
MFA
IAM
Provides second factor for authentication
IAM
Best practice
IAM
Identities are given minimum access to complete tasks
IAM
IAM Credentials report
IAM
Lists users and status of their credentials
IAM
IAM Access Advisor
IAM
Shows service permissions and last accessed for user
IAM
User
IAM Identity
Account for single individual
IAM Identity
Group
IAM Identity
Permission management for users
IAM Identity
Group nesting
IAM Identity
May not nest groups
IAM Identity
Group membership
IAM Identity
Users can be in many groups, or none
IAM Identity
Role
IAM Identity
AWS Service can be granted access to another AWS Service
IAM Identity
IAM Policy
IAM
JSON document that defines permission for IAM Identity
IAM
Who can manage
IAM Policy
Can be managed by AWS or by customer
IAM Policy
IAM Policy structure (3)
IAM Policy
- Version
- Id
- Statement
IAM Policy
Statement structure (4/6)
IAM Policy
- Sid
- Effect
- Principal
- Action
- Resource
- Condition
IAM Policy
Version
IAM Policy
Policy language version
IAM Policy
Id
IAM Policy
Unique Identifier
IAM Policy
Statement
IAM Policy
Defines what the policy does
IAM Policy
Sid
IAM Policy Statement
Statement Identifier
IAM Policy Statement