AWS basic, IAM, EC2 fundamentals

What is the AWS global infrastructure (order)?

AWS regions, availability zones, data centers, edge locations

What is an AWS region?

A cluster of data centers

What should you factor in when choosing what AWS region to select?

Compliance with data governance and legal requirements, proximity to customers, available services within a region, pricing

What is the min/max amount of availability zones a region can have?

3, 6

What do availability zones consist of and why are they seperated?

One or more data centers with redundant power, networking, and connectivity. Separated so they are isolated from disasters

What are AWS edge locations?

Localized edge data centers and network nodes strategically positioned around the world to deliver low latency

What is IAM?

Identity and access management service

How do users and groups work in IAM?

users can belong to multiple groups, they also dont have to be in a group, groups can only contain users, not other groups.

How do IAM permissions work?

Users or groups can be assigned JSON documents called policies. These policies define the permission of the users

What is the least privilege principle in AWS?

Don’t give more permissions than a user needs

How does IAM policy inheritance work?

The policies you assign to groups will apply to each user in the group

What are IAM inline policies?

Policies only attached to a user

What do IAM policies consist of?

Version of the policy language, ID for the policy (optional), Statement(s)

What does a statement inside an IAM policy consist of?

Sid: an identifier for the statement (optional), Effect (allow or deny), Principal (user/role this policy applies to), action: list of actions this policy allows or denies, resource: list of resources to which the actions applied to, condition: conditions for when this policy is in effect (optional)