IAM Flashcards
Identity and Access Management is available in what region?
It is a global service.
What account is created by default and shouldn’t be used or shared?
The root account.
What is the relationship between Users and Groups?
Groups only contain users. Users can belong to any number of groups or no groups.
What is the name of the JSON document assigned to a Group or User that defines their Permissions?
Policy Document.
True or False. Best practice is to give a User access to as many things as possible.
False.
IAM Policies consist of what 3 properties?
Version, Id, and Statements
An IAM Policy Statement requires what 5 properties?
SID, Effect, Principal, Actions, and Resources.
What does the Effect property on an IAM Policy Statement define? What are the possible values for this property?
- Whether the statement allows or denies access.
- Allow or Deny.
What does the Principal property on an IAM Policy Statement define?
The account, user, or role to which the policy applies to.
What does the Action property on an IAM Policy Statement define?
A list of actions that the policy effect applies to.
What does the Resource property on an IAM Policy Statement define?
A list of resources the policy effect apply to.
What is the optional property on an IAM Policy Statement?
Condition
What are the three ways users can access AWS?
AWS Management Console, AWS CLI, and AWS SDK
What do you use to give permissions to an AWS Service or anything that is not a human user?
IAM Roles
What service shows an account-level overview of your users and the status of their credentials?
IAM Credentials Report
