IAM Users & Groups Flashcards

1
Q

Groups

A
  • Only contain users
  • Can’t contain groups
  • A user can be in multiple groups
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

IAM: Permissions

A

Users or Grops can be assigned JSON documents called policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Policies

A

JSON document that defines permissions assigned to a user or group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

IAM (Identity and Access Management)

A
  • Global Service
  • Manage accounts and groups
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

In Line Policy

A

Policy that applies to only one user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Multi Factor Authentication options

A
  • Virtual MFA
  • Hardware Key Fob
  • Hardware Key Fob for GovCloud (US)
  • Univeral 2nd (U2F) Secruity Key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Virtual MFA Options

A
  • Phone app
  • Google Authenticator
  • Authy
  • Support multiple tokens on a single device
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Univerals 2nd (U2F) Secruity Key

A
  • Physical Device
  • YubiKey, by Yubico
  • Multiple root and IAM users using a single key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Hardware Key Fob MFA Device

A

Gemalto

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Hardware Key Fob MFA Device for AWS GovCloud (US)

A

SurePassID

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

IAM Roles

A

Permissions for AWS services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

IAM Secrutiy Tools

A
  • Credentials Report (account-level)
  • Access Advisor (user-level)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

IAM Credentials Report

A
  • Account level
  • List all users and the status of their credentials
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

IAM Access Advisor

A
  • User level
  • Shows permissions granted to a user and when those were last accessed
  • Can be used to revise permissions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

IAM Best Practices

A
  • Only use root account for setup
  • Use MFA
  • Use Roles for perms to services
  • Use Access Keys for CLI/SK
  • Audit permissions using Credentials Report & Access Advisor
How well did you know this?
1
Not at all
2
3
4
5
Perfectly