IAM & AWS CLI Flashcards
Is IAM a global service?
Yes
What are users?
Users are people in org. They can be put in groups.
What are groups?
Groups are a way of grouping users.
Why do we use groups?
To assign permissions to certain users.
Can users and groups be assigned permissions?
Yes, they can be assigned JSON documents called policies.
Principle of least privilege?
When you assign the least amount of permissions that are needed.
What are policies called that are attached to a user
Inline policy
What does a policy consist of?
version, id, statement - sid, effect, principal, action, resource, condition
IAM security tools?
Access Advisor - user-level- what permissions and when services last used & credentials report - account-level - account credentials
When should you use a root account
when setting up aws
how to make your account safe
use password policy and MFA
how to use AWS programatically
SDK or CLI
