Console Demonstration – Identity & Access Management Flashcards
What does IAM stand for?
IAM stands for Identity and Access Management.
What is IAM used for in AWS?
IAM is used to securely control access to AWS resources by specific entities, such as EC2 instances or users.
What is a role in IAM?
A role in IAM defines permissions that can be assumed by AWS entities, such as an EC2 instance. It allows these entities to access specific resources.
How can a role be created in IAM?
A role can be created in IAM by navigating to the IAM console, clicking on “Roles,” and then selecting “Create role.” The trusted entity for the role is specified during this process.
What are policies in IAM roles?
Policies in IAM roles define the permissions associated with the role. They specify what actions an entity can perform on AWS resources.
How can policies be associated with an IAM role?
Policies can be associated with an IAM role during its creation or by editing the role later to add or modify policies.
What is the principle of least privilege in IAM?
The principle of least privilege in IAM ensures that entities or users have only the minimum permissions necessary to perform their tasks, reducing the risk of unauthorized access.
What is a group in IAM, and how is it used?
A group in IAM is a collection of IAM users. It is used to apply permissions to multiple users at once, simplifying permission management.
How can a group be created in IAM?
A group can be created in IAM by navigating to the IAM console, clicking on “Groups,” and then selecting “Create group.”
What are built-in policies in IAM, and how are they used?
Built-in policies in IAM are preconfigured policies that define common sets of permissions. They can be assigned to users or groups to grant specific access to AWS resources.
How can custom policies be created in IAM?
Custom policies can be created in IAM using the visual editor to choose services, actions, resources, and request conditions, or by writing policies in JSON format.
What is the purpose of the “IAM Roles” feature in the AWS Management Console?
The “IAM Roles” feature in the AWS Management Console allows users to create, manage, and assign roles to AWS entities like EC2 instances, defining their permissions and access to resources.
How does IAM ensure secure access control in AWS?
IAM ensures secure access control in AWS by allowing granular permission management, role-based access control, and adherence to the principle of least privilege.
What are some examples of AWS entities that can be trusted in IAM roles?
Examples of AWS entities that can be trusted in IAM roles include EC2 instances, Lambda functions, AWS services, and users.
What are some common policies that can be associated with IAM roles?
Common policies that can be associated with IAM roles include Amazon S3 full access, DynamoDB read-only access, and various other predefined or custom policies based on specific resource requirements.