Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Certification Architect Associate 2022 > Section4: IAM & AWS CLI > Flashcards

Section4: IAM & AWS CLI Flashcards

1
Q

What is IAM?

A
  • IAM = Identity and Access Management, Global service
  • Root account is the default account.
  • Users are people in your organization/company.
  • Groups only contain users and not other groups.
  • Users dont have to belong to a group and users can be in multiple groups.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

IAM: Permissions

A
  • Users or Groups are assigned a JSON document called policies.
  • Policies define the permissions of the users
  • In AWS you apply the least privileges principle(dont give more permissions than a user needs)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

IAM Policies Structure

A

Consist of:

  - Version: Example "2012-10-17"
  - Id:  Example "S3-Account-Permissions"
  - Statement

Statment consist of:

 - SID: The id of the statement. Example: "1"
 - Effect: Exmaple "Allow"
 - Principal: sccount/user/role to which the policy applies Example "arn:aws:iam::12324354:root
 - Action: list of actions this policy allows or denies
 - Resource: list of resources to which the actions applied to Example "myBucket(Storage)"
 - Condition: conditions for when the policy is in effect
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is IAM MFA?

A
  • MFA = Multi Factor Authentication(Password + security device)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What MFA devices do you get?

A
  • Virtual MFA device Exampe Google Authenticator
  • Universal 2nd Factor(U2F) Security Key. Its a physical device.
  • Hardware Key Fob MFA Device. Also physical device
  • Hardware Key Fob MFA Device for AWS GovCloud. Also physical device
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the 3 ways to access AWS?

A
  • AWS Management Console
  • AWS Command line interface(CLI)
  • AWS Software Developer Kit(SDK)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How to get access using the AWS CLI?

A

1) Create access keys for user
2) In cmd, type “aws configure”.
3) Enter your “Access Key ID”
4) Enter “Secret Access Key”
5) Enter default region name”
6) Enter “output format”, just press enter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is AWS Cloud Shell?

A
  • it is like AWS CLI but build into the AWS console.

- It is only available for certain regions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is a IAM Role?

A
  • Giving access the services to perform a particular task.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What IAM Security Tools do you get?

A

1) IAM Credentials report(account level)
- a report that list all account’s users and the status of their credentials
2) IAM Access Advisor(user-level)
- shows service permissions granted to a user and when last was it accessed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

IAM Guidelines & Best Practices

A
  • Dont use the root account except for account setup
  • One physical user = One AWS user
  • Assign users to group and assign permissions to groups
  • Create a strong password policy
  • Use and enforce the use of Multi Factor Authentication(MFA)
  • Create and use Roles for giving permissions to AWS services
  • Use Access Keys for Programmatic Access(CLI/SDK)
  • Audit permissions of your account with the IAM Credentials Report.
  • Never share IAM users & Access Keys
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

AWS Certification Architect Associate 2022 (25 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions