Security in the AWS Cloud

Question 1

What is the principal of least privilege?

Answer 1

Get only the necessary permissions to do the job.

Question 1

What is a Federated Identity?

Answer 1

Identities federated from your IDP. Manage employees through your IDP and use SSO. My A-Account as an example to access AWS.

Question 2

What is AWS responsible for?

Answer 2

Security of the cloud.

Protecting and securing AWS regions, AZ, and data centers, do to the security of the building.

Physical equipment that runs AWS services.

Question 3

What is the customer responsible for?

Answer 3

Security in the cloud.

Properly configuring the service and applications, as well as ensuring your data is secure.

Question 4

What is Authentication?

Answer 4

Authentication ensures the user is who they say they are.

When you create an AWS account you sign in with an email and password.

Question 5

What is Authorization?

Answer 5

What actions can you perform?

Question 6

Explain AWS root user credentials.

Answer 6

2 sets of credentials

1. Email and password for AWS Console access
2. Access Keys
   2a. Access key ID
   2b. Secret access key

Question 7

What are best practices for the root user?

Answer 7

1. Choose a strong password
2. Never share your password or access keys
3. Disable and delete access keys
4. Do not use a root user for admin daily tasks
5. Set up multi factor authentication asap.