IAM Flashcards

1
Q

What types of policies are there?

A
  • Inline policies - JSON attached to a resource.
  • Managed Policies - reusable JSON with a name.
  • Resource Policies - can be assigned only to a service resource. Specify which identities are allowed or denied access. Always have a Principal component.
  • Permission Policies - allow or deny access to use a specific resource.
  • Identity Policies - can be attached only to identities.
  • Trust Policies - specify which identities can assume the role.
2
Q

What are parts of the policy?

A

Statement:
- SID
- Resource
- Action
- Effect
- Principal - determines which identities can use the policy

3
Q

How do overlapping policies and statements work?

A
  1. Explicit deny
  2. Explicit allow
  3. Implicit deny
4
Q

What are authentication and authorization?

A

Authentication - verifies the identity
Authorization - determines access rights

5
Q

How many IAM users can be created per account?

A

5000

6
Q

How many groups can be added to each user?

A

10

7
Q

What is an ARN?

A

Amazon Resource Name - uniquely identifies resources within any AWS account.

8
Q

How many groups can be created?

A

soft limit - 300

9
Q

How do roles work?

A

There are 2 policies:
- Trust policy - determines who can assume the role
- Permission policy - determines what permissions this identity has

Roles generate temporary security credentials, so the actual identity's permissions are not combined with the role's permissions.

10
Q

What is role separation?

A

Role separation is a mechanism that allows different identities to have different permissions to operate on a resource, for example administrative, encrypt, decrypt.

11
Q

What are service-linked roles?

A

A service creates a role for itself, which allows it to interact with other AWS services. The user cannot change or delete the role.

12
Q

What is a break-glass situation?

A

A user with no permissions assumes a role that has the required permissions to execute some action.
While the user has not assumed the role, they are protected from accidentally executing something.

13
Q

How do external identities interact with AWS?

A

They must assume a role or use an IAM identity to interact with services.

14
Q

What is identity federation?

A

External identities assume a role in AWS - for example SAML, Google, Facebook.
