IAM Flashcards
1
Q
IAM ‘Principal’ Types
A
User
Federated User
Application
Role
2
Q
Identity Based Policy Elements
A
Effect
Action
Resource
Condition
3
Q
Resource Based Policy Elements
A
Effect
Action
Principle
Condition
4
Q
Describe Identity Policies
A
Applies to a User, Group, or Role
Checks see if the ‘identity’ has permissions
5
Q
Describe Resource Policies
A
Applies to a Service/Principle
Useful for permitting various ‘accounts’ permission to perform actions.
6
Q
Identity vs. Role
A
Identify = Has Credentials IN AWS (and tied to account)
Role = Can be ‘assumed’ to get temporary credentials. Used be applications or Federated Users
7
Q
IAM Groups
A
Collection of AWS Users
Used for management/organization
Apply Identity Policy