#2 IAM, Accounts and AWS Organizations Flashcards
Is there a limit to the number of IAM users in an AWS Account? if so, how many?
5000 per account
An IAM User can be a member of how many groups?
10
A concept within AWS that allows you to manage access and permissions for individuals or applications interacting with your AWS resources. Think of it like a digital ID card that gives a person or an application specific permissions to use different AWS services.
IAM Users (Identity and Access Management)
Which of the following are features of IAM groups?
A. Admin groupings of IAM Users
B. Can hold identity Permissions
C. Can be used to login (Access Keys)
D. Can be used to login (Username and password)
F. Can be nested
A. Admin groupings of IAM Users
B. Can hold Identity Permissions
Within AWS policies, what is always a priority?
Explicit Deny
What two policies are assigned to an IAM Role?
- Permissions Policy
- Trust Policy
Which of the following are true for IAM Roles?
A. Roles have associated Long Term Credentials (Access Keys)
B. Roles can be assumed
C. When assumed - temporary credentials are generated
D. Roles can be logged into
F. When an identity logs into a role - temporary credentials are generated
B. Roles can be assumed
C. When assumed - temporary credentials are generated.
What three features are provided by AWS Organizations?
A. Consolidated billing
B. Managed assistance for company and AWS account mergers
C. AWS Account restrictions using SCP
D. Account organization via OU’s
E. Protection against credential leaks
F. Company ID reports
A. Consolidated billing
C. AWS Account restrictions using SCP
D. Account organization via OU’s
What functionality is provided by CloudTrail?
Account wide Auditing and API Logging
Is it possible to restrict what the Account Root User can do?
If AWS Organizations are used .. but not the management account
What is Role Switching?
Assuming a role in another AWS account to access that account via the console UI
