Section 3: AWS Fundamentals: IAM

Question 1

What does IAM stands for?

Answer 1

Identity and Access Management

Question 2

What can we affect policies to?

Answer 2

Users
Groups
Roles

Question 3

In what language are policies written?

Answer 3

JSON

Question 4

Can we affect a role to a user?

Answer 4

NO! Roles can be affected to applications.

Question 5

What are groups usually representing, and why are they useful?

Answer 5

Functions (admins, devops)
Teams (engineering, design)

They allow us to affect a set of defined policies to a group of people

Question 6

What do groups contain?

Answer 6

Users

Question 7

What are roles used for?

Answer 7

Internal usage within AWS resources

Question 8

How many permissions should users have?

Answer 8

The minimal amount they need to perform their job (Least privilege principles)

Question 9

What is IAM Federation?

Answer 9

A way for big enterprises to integrate their own repository of users with IAM, so that one can login using its company credentials.

Question 10

What does Identity Federation uses?

Answer 10

The SAML standard (Active Directory)

Question 11

What does SAML stands for?

Answer 11

Security Assertion Markup Language

Question 12

How many users per physical person?

Answer 12

ONE

Question 13

How many role per application?

Answer 13

ONE

Question 14

Where should your IAM credentials NEVER be?

Answer 14

In your code, in your commits, anywhere other than in your head/password manager

Question 15

When should you use the root account?

Answer 15

Never except for initial setup

Question 16

What does SSO stand for?

Answer 16

Single Sign-On