IAM (Identity and Access Management) Flashcards

1
Q

Overview

A

least privilege principle

2
Q

Access Advisor

A

Need more details

3
Q

Cognito

A

Identity management
Lets AWS users add sign-in and sign-up to web and mobile apps quickly
Supports OIDC, SAML 2.0

4
Q

Directory services

A

Managed Microsoft Active Directory

5
Q

Account alias

A

Customize login URL

used as the account ID

6
Q

IAM Root user

A

Created by default, should not be shared, has the most power

MFA should be enabled

7
Q

IAM Users

A

can be part of 0 to n groups

8
Q

IAM Identities

A

Users
Groups
Roles

9
Q

IAM Group

A

Contains users only

10
Q

IAM Policies

A

Types
Identity-based: attach managed and inline policies to IAM identities → grant permission to identities
Resource-based policies: attach inline policies to resources.
Permissions boundaries:
Define maximum permissions that the identity-based policies can grant to an entity
Does not grant specific permission
Do not define the maximum permissions that a resource-based policy can grant
Organizations SCPs:
Use with AWS Organizations
Define the maximum permissions for account members of an organization or organizational unit
Do not grant a specific permission
Access Control Lists (ACLs)
The only policy that doesn’t use JSON structure
Similar to resource-based policies
Session policies
Used to manage access by creating policies and attaching them to IAM identities
Define permissions
When creating a new IAM Policy, these are the required fields:
PolicyName
PolicyDocument
AWS managed policies
Standalone policies created and managed by AWS
Provide permissions for common use cases
Customer managed policies
Standalone policies that are created and managed by the user
Inline policies
embedded in an IAM identity
Inline vs managed policy

11
Q

Roles

A

Not used by users but by programs

For example, assign a role to EC2 to do some tasks on AWS

12
Q

Strong password using password policy

A

Require length
Prevent reuse
Force rotation

13
Q

CloudShell

A

Terminal in the cloud (similar to Google’s shell)

Terminal opens in the browser

14
Q

Role

A

Consists of permissions

Used to create custom combinations of permissions

15
Q

IAM Credentials report

A

Export all accounts to CSV highlighting which account has MFA enabled etc.
