Section - IAM Flashcards

1
Q

What is AWS IAM?

A

IAM is Identity and Access Management

  • Centralized - Control of your AWS account
  • Access - Shared access to your AWS account.
  • Permissions - Granular permissions
  • Identity Federation - Supports well-known identity providers such as Active Directory, Facebook, LinkedIn
  • Universal - not restricted to a region
2
Q

What are the features of IAM?

A
  • Multi-Factor Authentication - Provides increased security for account settings and resources
  • Temporary Access - Provides temporary access for users, devices and services as necessary
  • Password Policies - Allows you to set up your own password rotation policy
  • Integrated - Integrates with many different AWS services
  • Compliance - Supports PCI DSS compliance (for any application associated with the payment card industry)
3
Q

What is the IAM logical structure?

A
  • Users - End users on AWS
  • Groups - Logical grouping of users
  • Roles - You create roles and can then assign them to users, applications and services to give access to AWS resources.
  • Policy
    • A document that defines one or more permissions
    • An IAM policy can be attached to a User, Group or Role.
4
Q

IAM Policy Simulator?

A
  • Test IAM permissions before you commit them to production
  • Validate that the policy works as expected
  • You can also test policies attached to existing users - great for troubleshooting
  • https://policysim.aws.amazon.com
5
Q

Give an example of a role which gives access to everything.

A

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "*",
      "Resource": "*"
    }
  ]
}
