Section 3: AWS Fundamentals: IAM Flashcards
What does IAM stand for?
Identity and Access Management
What can we attach policies to?
Users
Groups
Roles
In what language are policies written?
JSON
Can we assign a role to a user?
NO! Roles can be assigned to applications.
What do groups usually represent, and why are they useful?
Functions (admins, devops)
Teams (engineering, design)
They allow us to attach a set of defined policies to a group of people
What do groups contain?
Users
What are roles used for?
Internal usage within AWS resources
How many permissions should users have?
The minimal amount they need to perform their job (principle of least privilege)
What is IAM Federation?
A way for big enterprises to integrate their own repository of users with IAM, so that users can log in using their company credentials.
What does Identity Federation use?
The SAML standard (Active Directory)
What does SAML stand for?
Security Assertion Markup Language
How many users per physical person?
ONE
How many roles per application?
ONE
Where should your IAM credentials NEVER be?
In your code, in your commits, anywhere other than in your head/password manager
When should you use the root account?
Never, except for initial setup