AWS Short Memorizations Flashcards
A person or application that can make a request for an action or operation on an AWS resource.
A principal
List the 4 types of principals in AWS (Hint: FUURA)
Federated Users,
Users,
Roles,
Applications
The type of principal that can be logged into with a Google, Facebook, or Amazon Account
A federated user
An AWS Service that helps you securely control access to AWS resources.
AWS IAM
(Identity and Access Management)
List the 5 types of policies
Identity based
Resource based
IAM permission boundaries
Service control policies (SCP)
Session policies
What permissions do users have by default
none
Max number of users that can be created, per account.
5000
Max number of policies that can be attached to an IAM user or IAM role
20
Max number of groups an IAM user can be a member of
10
Max number of Access keys that can be assigned to an IAM user
2
An IAM identity that has specific permissions.
IAM Role
A JSON document that defines permissions.
Policy
What type of policy is applied to users, groups and roles
Identity based
A Bucket Policy is an example of what type of policy.
Resource based
Should you switch regions when creating or managing IAM users that are in another region?
No
(IAM is global and won’t even give a region selection)
3 options for MFA
Virtual MFA device
U2F security key
Other hardware MFA device
This is an example of what?
-> arn:aws:iam::121212121212:mfa/gwilki2
An ARN (Amazon Resource Name)
An AWS service that provides temporary credentials.
STS (Security Token Service)
A policy that controls who can assume an IAM Role
A Trust Policy
An Identity based policy that can be attached to multiple users, groups, or roles.
Managed Policy
An Identity based policy that is applied directly to only a single user, group, or role. (has a 1 to 1 relationship)
Inline Policy
A Bucket Policy is what type of policy
Resource based
A Trust Policy is what type of policy
Resource based
A Permissions Policy is what type of policy
Identity based
