Security & Identity Flashcards
Amazon Macie
Discover and protect your sensitive data
AWS Key Management Service
Store and manage encryption keys
AWS CloudHSM
Hardware-based key storage
AWS Certificate Manager
Provision, manage and deploy SSL and TLS security certificates
AWS Secrets Manager
Rotate, manage, and retrieve secrets
AWS Shield
Denial of service protection
AWS Web Application Firewall
Filter malicious website traffic
AWS Firewall Manager
Centrally manage firewall rules
Amazon GuardDuty
Automatically detect threats
Amazon Inspector
Analyze application security
AWS Config
Record and evaluate configurations of your AWS resources
AWS CloudTrail
Track user activity and API usage
AWS IAM
Securely manage access to AWS account services and resources
AWS Single Sign-On
Implement cloud single sign-on
Amazon Cognito
Manage identity inside applications
AWS Directory Service
Implement and manage Microsoft Active Directory
AWS IAM Facts
- Manage who can access what in AWS accounts
- Create users/groups
- Allow or Deny access via policies
- Free for AWS accounts
IAM Users
Root User - Main account for AWS login. Determines access through policies and/or groups
IAM User - Developer, Tester, Sales, etc.
IAM Roles
Delegate access to a user or a service.
Users and services can use or assume a role.
AWS Secrets Manager Facts
- Protects the secrets required to access your resources
- Rotates automatically
- Stores passwords, keys, and tokens
AWS Directory Service Facts
- Managed Microsoft Active Directory
- Managed Simple Active Directory
- AD Connector
- Distributed service with automatic failover
- Compatible with other AWS Services (Chime, Connect, EC2, RDS, etc.)
True/False: IAM is a regional service
False - Permissions are global