IAM - Identity Access Management Flashcards

1
Q

AWS IAM (Identity Access Management)

A

Is a web service that helps you securely control access to AWS resources. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

2
Q

IAM - Password Policy

A

-Strong passwords
-Set up a password policy
-Allow all IAM users to change their own passwords
-Password expiration
-Prevent password re-use

3
Q

Multi Factor Authentication (MFA)

A

It’s a second authentication factor in addition to user name and password sign-in credentials.

4
Q

MFA device options in AWS

A

-Virtual MFA Device (Apps)
-Universal 2nd Factor (U2F) Security Key
-Hardware Key Fob MFA Device
-Hardware Key Fob MFA Device for GovCloud

5
Q

How can users access AWS?

A

-AWS Management Console - Protected by password + MFA
-AWS CLI - Protected by access keys
-AWS SDK - for code: Protected by access keys

6
Q

What’s the AWS CLI?

A

A tool that enables you to interact with AWS services using commands in your command-line shell.

7
Q

What’s the AWS SDK?

A

Enables you to access and manage AWS services programmatically

-Embedded within your application

8
Q

IAM Roles

A

An IAM role is an IAM identity that you can create in your account that has specific permissions.

You can use roles to delegate access to users, applications, or services that don’t normally have access to your AWS resources.

9
Q

IAM Users

A

Is an entity that you create in AWS to represent the person or application that uses it to interact with AWS.

10
Q

IAM Security Tools

A

-IAM Credentials Report (account-level) = a report that lists all your account’s users and the status of their various credentials.
-IAM Access Advisor (user-level) = Access Advisor shows the service permissions granted to a user and when those services were last accessed. You can use this information to revise your policies.

11
Q

IAM Best Practices

A

-Don’t use the root account except for AWS account setup
-Create a strong password policy
-Use MFA
-Use access keys for CLI-SDK
-Create roles for giving permissions for AWS services
-Audit permissions with the IAM Credentials Report

12
Q

IAM Section - Summary

A

-Users / Groups / Roles
-Policies (JSON document)
-Security (MFA)
-AWS CLI / AWS SDK
-Access keys
-Audit with IAM Credentials Report & IAM Access Advisor

13
Q

AWS CloudShell

A

Is a browser-based shell that makes it easy to securely manage, explore, and interact with your AWS resources.
