Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Cloud Practitioner > IAM Section > Flashcards

IAM Section Flashcards

1
Q

IAM

A
  • Identity and Access Management, Global service
  • Root account created by default, shouldn’t be used or shared
  • Users are people within your organization, and can be grouped
  • Groups only contain users, not other groups
  • Users don’t have to belong to a group, and user can belong to multiple groups
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

IAM Policy Structure

A

Consists of
• Version: policy language version, always include “2012-10-17”
• Id: an identifier for the policy (optional)
• Statement: one or more individual statements (required)

Statements consists of
• Sid: an identifier for the statement (optional)
• Effect: whether the statement allows or denies access (Allow, Deny)
• Principal: account/user/role to which this policy applied to
• Action: list of actions this policy allows or denies
• Resource: list of resources to which the actions applied to
• Condition: conditions for when this policy is in effect
(optional)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

MFA

A

password you know + security device you own

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

MFA devices options in AWS

A
  • Virtual MFA device
  • Universal 2nd Factor (U2F) Security Key
  • Hardware Key Fob MFA Device
  • Hardware Key Fob MFA Device for AWS GovCloud (US)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How can users access AWS

A
  • AWS Management Console (protected by password + MFA)
  • AWS Command Line Interface (CLI): protected by access keys
  • AWS Software Developer Kit (SDK) - for code: protected by access keys
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

AWS CLI

A

• A tool that enables you to interact with AWS services using commands in
your command-line shell
• Direct access to the public APIs of AWS services
• You can develop scripts to manage your resources
• It’s open-source https://github.com/aws/aws-cli
• Alternative to using AWS Management Console

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

AWS SDK

A
  • AWS Software Development Kit (AWS SDK)
  • Language-specific APIs (set of libraries)
  • Enables you to access and manage AWS services programmatically
  • Embedded within your application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

IAM Roles

A

• assign permissions to AWS services with IAM Roles

Common roles:
• EC2 Instance Roles
• Lambda Function Roles
• Roles for CloudFormation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

IAM Credentials Report (account-level)

A

a report that lists all your account’s users and the status of their various
credentials

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

IAM Access Advisor (user-level)

A

• Access advisor shows the service permissions granted to a user and when those
services were last accessed.
• You can use this information to revise your policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

AWS Cloud Practitioner (18 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions