IAM

Question 1

Service Roles

Answer 1

Every AWS service has an associated role.

Question 2

Cross Account Roles

Answer 2

Allows IAM users from one of your AWS accounts to access this account.

Question 3

Identity Provider Role

Answer 3

Allow users from web identity providers to access this account. (Oauth, OpenID, Facebook, Google) Grant API access to SAML providers.

Question 4

Are IAM roles Global or regional?

Answer 4

Roles are Global, you cannot create a regional Role.

Question 5

Roles assigned to instances

Answer 5

Roles can be assigned to both a running and none running instance.

Question 6

What is IAM?

Answer 6

Identity and Access Management is a Featura of your AWS account that enables you to manage access to AWS services and resources securely.

Question 7

What do Policies manage?

Answer 7

1) Users (physical people) 2) Groups (Functions(admins,devs)) & Teams (engineering) 3) Roles. (internal usage within AWS resources)

Question 8

What is IAM Federation?

Answer 8

Enterprises can integrate their own repository of users with IAM using the SAML standard.

Question 9

What entities can you find in IAM?

Answer 9

• Users - Groups - Roles - Policies

Question 10

What is a User Access Key ID & Secret Access Key?

Answer 10

Keys created to access resources via APIs and CLI, but differente that the User Console password. You can only view them once: after that, if lost, you have to regenerate them.

Question 11

What is an IAM Policy?

Answer 11

It’s a document that provides a formal statement of one or more permissions.