Identify and Access Management Flashcards
What AWS Product does IAM stand for?
Identity and Access Management
What is Identify Access Management?
A web service that helps you securely control access to AWS resources.
What is the AWS Account Root User?
A single sign-in identify that has complete access to all AWS services and resources in an AWS account.
What are the 4 ways that you can work AWS IAM?
- AWS Management Consol2
- AWS Command Line Tools
- AWS SDKs
- IAM HTTPS API
What default AWS services does a a new user have access to?
None, they can only access the AWS console.
Permissions must be {insert word} granted to to allow a user access to an AWS service.
Explicitly
What are IAM users?
Individuals who have ben granted access to an AWS account.
Each IAM user has 3 main components?
- A user-name
- A password
- Permission to access various resources
You can apply {insert word} permissions with IAM.
Granular
What are the 3 types of individual security credentials you can assign to users?
- Access keys
- Passwords
- Multi-factor Authentication Devices
What authentication is IAM not used for?
Application-level authentication
Ho can you callow secure access to resources in an AWS account without creating an IAM user account?
Using Identify Federation (including Active Directory, Facebook)
What is Identify Federation
Identify Federation is the means of linking a person’s electronic identity and attributes, stored across multiple distinct identity management systems.
MFA can be enforced at what 2 levels?
- The account
2. Individual users under the account
What is Multi-factor Authentication?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN.
