Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Cloud Practitioner > IAM > Flashcards

IAM Flashcards

1
Q

How are users, groups, policies and permission related ? and what about json

A
  • Users or Groups can be assigned JSON documents called policies
  • These policies define the permissions of the users
  • In AWS you apply the least privilege principle: don’t give more permissions than a user needs
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Can multiple policies be associated with one IAM user ?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Whats the format of policy json ?
what are the components of the policy and what are the components of “statement”

A
  • Consists of
    • Version:policy language version, always include“2012-10- 17”
    • Id: an identifier for the policy(optional)
    • Statement: one or more individual statements(required)
  • Statements consists of
    • Sid: an identifier for the statement(optional)
    • Effect: whether the statement allows or denies access (Allow, Deny)
    • Principal:account/user/role to which this policy applied to
    • Action:list of actions this policy allows or denies
    • Resource:list of resources to which the actions applied to
    • Condition:conditions for when this policy is in effect (optional)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Account and user inter-relation

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

An IAM policy can be applied to what all things ?

A
  • Identities
    • Users
    • Groups
    • Roles
  • Resources
    • S3 buckets
    • EC2 instances
    • DynamoDB tables
  • Services
    • Amazon SNS
    • Amazon SQS
    • Amazon RDS
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What things are considered as identities

A
  • AWS Account
  • IAM Users
  • IAM Roles
  • IAM Groups
  • Federated Users
  • AWS Services
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Whats ARN

A

Amazon Resource Name

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a principal in AWS IAM ?

A

In AWS, a principal is an entity that can make a request to AWS. Principals can be
- IAM User
- IAM Role
- AWS Service
- AWS Account and root user
- Anonymous User
- Federated User Sessions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is IAM Users ?

A

An IAM user is an identity created within an AWS account that represents an individual or application. IAM users have unique credentials and can authenticate themselves to access AWS services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is IAM Role ?

A

An IAM role is similar to an IAM user but doesn’t have permanent credentials. IAM roles are used to delegate access to AWS resources and are assumed by trusted entities, such as IAM users or AWS services, to obtain temporary security credentials.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is AWS service ?

A

Some AWS services act as principals to interact with other services and resources. For example, AWS Lambda functions, Amazon EC2 instances, and AWS Step Functions can assume IAM roles and perform actions on behalf of those roles.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is AWS Account ?

A

An AWS account itself can be considered a principal. Policies can be attached to the AWS account to define permissions that apply globally across all resources in the account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is Anonymous User ?

A

In some cases, AWS resources can be publicly accessible to anonymous users without any authentication. Policies can be defined for anonymous users to control their access to specific resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Role can be assumed by who all ?

A

IAM users, AWS services, or even identity federation systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How can users access AWS ?

A
  • AWS Management Console (protected by password + MFA)
  • AWS Command Line Interface (CLI): protected by access keys
  • AWS Software Developer Kit (SDK) - for code: protected by access keys
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  • AWS Management Console (protected by password + MFA)
  • AWS Command Line Interface (CLI): protected by access keys
  • AWS Software Developer Kit (SDK) - for code: protected by access keys
    In these what are the principals for each
A

to be done

17
Q

Name 2 IAM security tools and what are they used for.

A
  • IAM Credentials Report (account-level)
    • a report that lists all your account’s users and the status of their various credentials
  • IAM Access Advisor (user-level)
    • Access advisor shows the service permissions granted to a user and when those services were last accessed.
    • You can use this information to revise your policies.
18
Q

Can I have more than one principal in an IAM Policy json

A

No, in AWS IAM (Identity and Access Management), you cannot have more than one principal in a single IAM policy JSON. An IAM policy is associated with a single principal, which can be a user, a group, or a role. The principal represents the AWS entity (such as a user or a group) to which the policy applies.

19
Q

What is an IAM identity ?

A

An IAM identity represents a human user or programmatic workload, and can be authenticated and then authorised to perform actions in AWS.
- Users
- User Groups
- Roles

20
Q

Who can use an IAM Role ?

21
Q

Whats the difference between an identity and a principal

AWS Cloud Practitioner (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions