IAM

Question 1

Power User access allows….

Answer 1

Access to all AWS services except for management of groups and users within IAM.

Question 2

What level of access does the root account has? (Read only, Power user, Administrator or No access)

Answer 2

Administrator access

Question 3

Are IAM configurations global or regional?

Answer 3

Global

Question 4

Can you log in to the AWS web console using the Access Key Id and Secret Access Key?

Answer 4

No. You must generate a password for the user and supply the user with this password, as well as the unique link to sign in to the AWS console.

Question 5

What is an additional way to secure IAM for both the root login and new users alike?

Answer 5

Implement MFA (multi factor authentication) for all accounts

Question 6

By default, when you create a new user in the IAM console, what level of access do they have?

Answer 6

No access to any AWS service

Question 7

In what language are policy documents written in?

Answer 7

JSON

Question 8

What are IAM groups?

Answer 8

A collection of users under a set of permissions

Question 9

What are IAM roles?

Answer 9

IAM roles are a secure way to grant permissions to entities that you trust, such as:

• IAM user in another account
• Application code running on an EC2 instance that needs to perform actions on AWS resources
• Etc.

Question 10

Using SAML you can give your federated users SSO access to the AWS Management Console (true or false)

Answer 10

True

Question 11

When editing permissions (policies and ACLs), to whom does the concept of the “Owner” refer?

Answer 11

The “Owner” refers to the identity and email address used to create the AWS account.