Prep notes – AWS Certified Associate Architect

IAM service

  • Global – IAM is a global service, not region-specific
  • User – A user is a unique identity recognized by AWS services and applications
  • Group – A group is a collection of IAM users
  • Roles – A role is an IAM entity with permissions for making AWS service requests. IAM roles are not associated with a specific user or group. Users and services assume a role to carry out a task
  • Policy – Permission document in JSON format
  • MFA – Multi-factor authentication
  • Root user – Certain tasks can be performed only by the root user
  • 5 security status checks
    • Delete your root access keys
    • Activate MFA on your root account
    • Create individual IAM users
    • Use groups to assign permissions
    • Apply an IAM password policy
  • STS (Security Token Service) – Temporary security credentials valid for a specified duration and for a specific set of permissions
  • STS APIs to be aware of: GetFederationToken, AssumeRole, AssumeRoleWithSAML, AssumeRoleWithWebIdentity
  • Federated user – Managed outside AWS
    • Enterprise identity federation – SAML assertion workflow
    • Web identity federation (Google, Facebook, etc.)
    • The Cognito service can be used to manage web and mobile logins
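
The five security status checks listed above can be evaluated from two IAM API responses, GetAccountSummary and GetAccountPasswordPolicy. The following is an added example, not part of the original notes; the sample data is constructed, the function names are hypothetical, and treating "at least one user" and "at least one group" as passing is an assumption, since the summary counts cannot show how permissions are actually assigned.

```python
"""Evaluate the five IAM security status checks from IAM API responses."""

# Constructed sample of the SummaryMap returned by IAM GetAccountSummary.
SAMPLE_SUMMARY = {
    "AccountAccessKeysPresent": 1,  # root access keys still exist
    "AccountMFAEnabled": 0,         # MFA not activated on the root account
    "Users": 3,
    "Groups": 0,
}
# Constructed sample: None models the NoSuchEntity error that
# GetAccountPasswordPolicy raises when no password policy has been set.
SAMPLE_PASSWORD_POLICY = None


def security_status(summary, password_policy):
    """Return {check name: passed?} for the five checks, in list order.

    Missing keys fail closed: an absent value counts as a failed check.
    Users > 0 and Groups > 0 are assumed proxies for checks three and four.
    """
    return {
        "Delete your root access keys":
            summary.get("AccountAccessKeysPresent", 1) == 0,
        "Activate MFA on your root account":
            summary.get("AccountMFAEnabled", 0) == 1,
        "Create individual IAM users": summary.get("Users", 0) > 0,
        "Use groups to assign permissions": summary.get("Groups", 0) > 0,
        "Apply an IAM password policy": password_policy is not None,
    }


def failed_checks(summary, password_policy):
    """Names of the checks that did not pass."""
    status = security_status(summary, password_policy)
    return [name for name, ok in status.items() if not ok]


def fetch_live():
    """Live variant: needs boto3 and credentials with IAM read access."""
    import boto3
    iam = boto3.client("iam")
    summary = iam.get_account_summary()["SummaryMap"]
    try:
        policy = iam.get_account_password_policy()["PasswordPolicy"]
    except iam.exceptions.NoSuchEntityException:
        policy = None
    return summary, policy


if __name__ == "__main__":
    for name, ok in security_status(SAMPLE_SUMMARY, SAMPLE_PASSWORD_POLICY).items():
        print(f"[{'PASS' if ok else 'FAIL'}] {name}")
```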
