Security Flashcards
What does IAM stand for?
Identity and Access Management
What is the main function of IAM?
To securely control access to AWS services and resources.
What are the core components of IAM?
Users, Groups, Roles, and Policies.
What is an IAM user?
A person or application within your organization that needs access to AWS resources.
What is an IAM group?
A collection of IAM users that makes it easier to manage permissions for multiple users at once.
What is an IAM role?
Used to grant permissions to entities that you trust, like AWS services, applications, or other AWS accounts.
What is an IAM policy?
A JSON document that defines permissions for an IAM entity (user, group, or role).
What are the two types of IAM policies?
Inline policies (attached directly to an entity) and managed policies (standalone policies that can be attached to multiple entities).
What are the key elements of an IAM policy statement?
Effect (Allow/Deny), Action (the specific actions allowed or denied), Resource (the resources the actions apply to), Condition (optional conditions for when the policy applies).
What is the purpose of IAM Access Analyzer?
To help you identify resources that are shared with external entities, aiding in implementing least privilege.
What is an IAM Password Policy?
A set of rules that define password complexity requirements for IAM users (e.g., minimum length, required character types, password expiration).
Why is it important to enforce a strong IAM Password Policy?
To improve the security of your AWS account and protect against unauthorized access.
What is KMS?
Key Management Service - a service for creating and managing encryption keys.
What are the two main types of KMS keys?
Symmetric and asymmetric.
What is a symmetric KMS key?
A single key used for both encryption and decryption.
What is an asymmetric KMS key?
A key pair with a public key for encryption and a private key for decryption.
What is a KMS key policy?
A policy that defines who can manage and use the KMS key.
What is key rotation in KMS?
The process of generating a new cryptographic key and replacing the old one.
Why is key rotation important?
It helps to reduce the impact of a compromised key.