Security, Identity & Compliance Flashcards
What is IAM about?
USER account permissions
List features of IAM
You need to be able to look at policies
What are the key aspects of policies you need to understand?
(EAR)
Effect
Action
Resource
In exam you need to be able to understand, write & potentially fix a policy
Name the 2 policy types:
Identity (IAM, inline)
Resource (policy doc attached to resource, managed)
Practice reading IAM policies on GITHUB
If there 5 allows and 1 deny. What happens?
Its denied
What happens if there’s no policy attached?
Everything will be denied
What is Identify Federation?
Its being able to set up different identity provider but still get access to your account
What is Cognito?
It lets us do logins for our APP
What is diff between IAM Policy and Cognito?
IAM Policy we are giving access to AWS Account
With Cognito, we are managing users with access to our accounts
What is user pools about?
User pool is a user directory for web and mobile app authentication and authorisation
(WHO)
What are the identity pools?
Provides temporary access to users who are guests (unauthenticated) and for users who have been authenticated and received a token
What is the difference between federated login with IAM Policy and federated login with Cognito?
federated login with IAM Policy
federated login with Cognito
Whats a policy doc
A json
EAR
effect
action
resource