IAM Flashcards
IAM?
+ Identity and Access Management
+ It is a global service in AWS.
(page 40)
Root User?
The principal user that is created by default with an AWS account; it has all rights to work with IAM and AWS.
(page 40)
Users?
Logical entities that represent users in the organization; they must be created with the Root user.
They may or may not belong to a group.
(page 40)
Group?
A logical entity that only contains users.
(page 40)
Users or Groups?
Can be assigned permissions through JSON documents called policies.
(page 41)
Policy?
Defines the permissions of users.
(page 41)
Least Privilege Principle?
Don't grant more than the user needs; use the fewest permissions possible.
(page 41)
INLINE Policy?
A policy assigned to a User that has no group.
(page 42)
Parts of Policy (JSON Doc)?
- Version. Date of the policy.
- ID. Custom and unique name.
- Statement. Individual statements of the policy.
(page 43)
Statement Policy?
- SID. ID of the statement.
- Effect. How the policy works: Allow or Deny.
- Principal. Account, user, or role to which this policy is applied.
- Action. List of features in the service on which the policy is in effect.
- Resource. The list of resources (user or role) on which the policy is in effect.
- Condition. Condition from where the policy is in effect.
(page 43)
IAM Password Policy?
Set of rules that defines how IAM passwords must be created and handled.
(page 44)
MFA?
+ Multi-Factor Authentication
+ The mechanism that complements the password of an account with a security device.
(page 45)
Virtual MFA Device?
Authenticator app installed on a mobile device.
Security key?
Authenticate by touching a hardware security key.
Three ways to access AWS?
+ AWS Management Console.
+ AWS Command Line Interface (CLI).
+ SDK / API.
Which access type uses password and MFA?
AWS Management Console