AWS Security & Encryption Flashcards

1
Q

KMS can only help in encrypting up to ___ of data per call

A

4KB

2
Q

What does STS do?

A

• Allows you to grant limited and temporary access to AWS resources.

3
Q

Token is valid for how long?

A

1 hour

4
Q

Explain what Cross Account Access is

A

Allows users from one AWS account to access resources in another
• Define an IAM Role for another account to access
• Define which accounts can access this IAM Role
• Use AWS STS (Security Token Service) to retrieve credentials and impersonate the IAM Role you have access to (AssumeRole API)
• Temporary credentials can be valid between 15 minutes and 1 hour

5
Q

What’s Identity Federation?

A

Federation lets users outside of AWS assume a temporary role for accessing AWS resources.

Federation assumes a form of 3rd party:
• Microsoft Active Directory (~= SAML)
• Single Sign On
• OpenID
• Cognito

Using federation, you don’t need to create IAM users (user management is outside of AWS)

6
Q

Goal of Cognito?

A

Provide direct access to AWS Resources from the Client Side
