The AWS solutions architect certification shows that you can use AWS services to solve software engineering problems and understand core best practices of the industry. In this article, I will quiz you on one of the sections from the material required for the exam: IAM.
I will now briefly state some key facts about this AWS service, and then provide some example questions for the exam.
N.B: The following information on its own will not be enough to answer the questions.
The Identity and Access Management (IAM) service enables authorisation and authentication on AWS resources.
Authentication — are you who you claim to be?
Authorisation — are you allowed to do what you want to do?
It is also useful to know that:
- The top level user is called a principal and is allowed to interact with AWS resources: the Root user, IAM users, and Roles are principals.
- A Root user is created when the AWS account is created and has console and programmatic access.
- IAM users + groups — persistent identities that can be controlled through IAM. An IAM user must have the rights to assume a role.
- Roles — give people or processes the ability to operate temporarily with a different identity. A role is assumed by being granted a temporary security token.
- A policy is a JSON document that defines one or more permissions to interact with AWS resources. Each permission includes: Effect, Action and Resource.
- You can write your own policies or use one of the managed policies provided by AWS.
- IAM enables access key rotation by allowing two active access keys at the same time.
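
A simplified model of how the Effect, Action and Resource fields of a policy decide a request, as an added example that is not part of the original article and not AWS's own evaluation code. It assumes an identity-based policy using only those three elements (no Condition, NotAction or Principal) and goes slightly beyond the text by showing that an explicit Deny overrides an Allow and that an unmatched request is denied by default; the bucket name and function names are hypothetical.

```python
import json
import re

# Constructed sample policy (not from the article); the bucket name is a placeholder.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "s3:Get*",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Deny", "Action": "s3:*",
     "Resource": "arn:aws:s3:::example-bucket/secret/*"}
  ]
}
""")

def _as_list(value):
    # Statement, Action and Resource may each be a single value or a list.
    return value if isinstance(value, list) else [value]

def _wildcard(pattern, text, ignore_case=False):
    # Only * (any run of characters) and ? (one character) act as wildcards.
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, text, re.I | re.S if ignore_case else re.S) is not None

def validate(policy):
    """Return a list of problems; each statement needs Effect, Action and Resource."""
    problems = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        for key in ("Effect", "Action", "Resource"):
            if key not in stmt:
                problems.append(f"statement {i}: missing {key}")
        if "Effect" in stmt and stmt["Effect"] not in ("Allow", "Deny"):
            problems.append(f"statement {i}: Effect must be Allow or Deny")
    return problems

def evaluate(policy, action, resource):
    """Simplified decision: explicit Deny wins, then Allow, otherwise implicit deny."""
    decision = "ImplicitDeny"
    for stmt in _as_list(policy["Statement"]):
        # Action names match case-insensitively, resource ARNs case-sensitively.
        hit = (any(_wildcard(a, action, True) for a in _as_list(stmt["Action"]))
               and any(_wildcard(r, resource) for r in _as_list(stmt["Resource"])))
        if hit and stmt["Effect"] == "Deny":
            return "ExplicitDeny"
        if hit:
            decision = "Allow"
    return decision
```

Run `validate` on a policy before `evaluate`, since `evaluate` expects every statement to carry all three keys.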
Thanks For Reading
We hope to cover the rest of the topics with similar articles very soon ⭐