Pro Flashcards
Exam Pro Tips from A Cloud Guru
IAM is universal
IAM is not region specific, it applies to all regions.
The Root Account
The account created on first setup.
It has complete administrative access rights
Access Key ID and Secret Access Keys
1) These are created and assigned when first created.
2) These are not the same as a password, they cannot be used to login to the console.
3) You use these to access AWS via APIs and the CLI
Secret Key Viewing
You only get to see the secret keys once, if you lose them you have to regenerate them.
Multi-Factor Authentication (MFA)
1) Always
2) Always for your Root account
3) Always
password rotation
customisable via a password policy rotation.
What is a region ?
A region is a physical location in the world with 2 or more availability zones.
What is an Availability Zone ?
An Availability Zone is a discreet data centre, with redundant power, networking and connectivity.
Two Availability zones that are within a few miles of each other are classified as the same availability zone.
What is an Edge Location ?
1) These are endpoint which AWS uses to cache content.
2) Cloudfront is the technology behind this.
3) This is a content delivery Network
IAM consists of what ?
1) Users
2) Groups
3) Policies
4) Roles
New Users
Have no permissions when first created
Power user access allows ?
Access to all AWS services except for management of groups and users within IAM.
What is SSE ?
Server Side Encryption (SSE)
- Amazon S3 Managed keys (SSE-S3)
- KMS (SSE-KMS) (provides audit logs)
- Customer-Provided Keys (SSE-C)
