Module 6: Security Flashcards
A way to consolidate and manage multiple AWS accounts within a central location.
AWS Organizations
In AWS Organizations, you can centrally control permissions for the accounts in your organization by using
service control policies (SCPs)
This enable you to place restrictions on the AWS services, resources, and individual API actions that users and roles in each account can access.
service control policies (SCPs)
What can SCPs be applied to
An individual member account
root
OU
An identity that you create in AWS
IAM user
IAM users have no default permissions assigned, True or False
True
A document that allows or denies permissions to AWS services and resources
IAM policy
A collection of IAM users
IAM group
An identity that you can assume to gain temporary access to permissions
IAM role
shared responsibility model: Database
AWS
shared responsibility model: Server side encryption
Customer
shared responsibility model: Networking
AWS
shared responsibility model: Storage
AWS
shared responsibility model: Customer Data
Customer
shared responsibility model: Storage
AWS