12_IAM Overview and Best Practices

Flashcards about AWS Identity and Access Management (IAM)

The process of verifying the identity of a user or application trying to access a system.

Authentication

The process of determining what a user or application is allowed to do once they have been authenticated.

Authorization

An AWS service that allows you to control both authentication and authorization to AWS resources.

AWS IAM

Granting access to AWS resources using existing identity systems like Microsoft Active Directory.

Federated Identities

Requiring a user to provide a secondary authentication code from a separate device.

Multi-Factor Authentication (MFA)

Follow the principle of least privilege and grant users exactly what they need for a given role.

Granular Permissions

Users, groups, roles, policies, identity provider objects are all examples of…

IAM resources

Users and roles are examples of…

IAM entities

Users, roles and groups are examples of…

IAM identities

People and applications that sign in and make requests to AWS.

Principles

Can be used to log in to the AWS management console.

Username and password

Used to run commands from the AWS command line interface (CLI) and to make programmatic calls to AWS.

AWS access key

Has complete access to all AWS services and resources in the account.

Root user

Temporary security credentials that aren't uniquely associated with one person.

IAM roles