Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Cloud Practitioner Exam > Identity & Access Management > Flashcards

Identity & Access Management Flashcards

1
Q

IAM

A

allows you to create users, roles, groups, permissions, and monitor access of AWS to users and groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How is IAM structured

A

Like a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. Instead of being uniquely associated with one person, however, a role is intended to be assumable by anyone who needs it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

MFA

A

Can Leverage MFA as second layer of authentication such as YubiKey or RSA token

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

3 ways to use/access/interact with AWS?

A
  1. AWS Management Console – easy to use graphical interface
  2. Command Line Interact/Programmatic Access – enable access key ID and Command Line
    • allows you to work with AWS resources
    programmatically
    • access to services by discrete command
  3. Software Developers Kit (SDK) – used with an API, access service in code like python
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

When you create IAM policies

A

always grant the least privilege access needed for an employee for security reasons

Principle of Least Privilege
- Policies are always written in Java Script
- Root Account = email address you used
to setup your AWS Account (full admin
access)
- Roles are always universal and you can
use them in any region around the world

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Tags

A

Key value pairs attached to AWS resources that contain metadata
- Tags can be inherited

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Specific Information for Tags

A
  • EC2 = Public and Private IP Addresses
  • ELB = Port Configurations
  • RD = Database Engine
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Tag Editor

A

global service that allows us to discover resources and to add additional tags to them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Cost Allocation

A

a tag you can use to track your AWS cost on a detailed level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Resource Groups

A

make it easy to group your resources using the tags that are assigned to them

  • Group = place to store users (to set
    permissions for groups, you need to apply
    a policy to that group)
  • Can contain: Region, name, Employee ID,
    Department
  • You can group resources that share one or more tags
  • You can apply automation to resources tagged with specific tags
  • Resource Groups with AWS Systems Manager allow you to control and execute automation against entire fleets of EC2 Instances, all with the push of a button
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Cloud Practitioner Exam (20 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions