1. What are two common IAM (Identity and Access Management) security tools ?
IAM Access Analyzer
Shows the account creation time, whether the password is activated, the last time the password was changed, the last time the account was used, when the next password change is expected, whether MFA is enabled, whether access keys have been created, the last time the access key was rotated, the last time the access key was used, and the status of other access keys or authentication numbers being used.
- 비밀번호나 계정을 사용하지 않는 사용자들을 확인할 때 매우 유용함
IAM Credential Report
Shows accessed service, policies granting permissions, last acceessed time
- 사용자가 올바른 권한을 가지고 있는지 여부를 실제로 확인할 때 유용함
- 즉 액세스 관리자는 AWS에서 세부적인 사용자 액세스 권한을 수행해야 할 때 매우 유용함
2. Choose the incorrect statement about IAM users
❌ IAM users access AWS services through root account credentials.
✔️ IAM users access AWS services through their own credentials (username & password, or access keys).
3. Which of the following is considered an IAM best practice?
✔️ Do not use the root account.
4. What's IAM Policies?
✔️ IAM policies define a set of permissions to create requests for AWS services, and they are used by IAM users, user groups, and IAM roles in the form of JSON documents.
5. Which principle should be applied to IAM permissions among the following?
✔️ Principle of Least Privilege
6. What actions should be taken to enhance the security of the root account?
✔️ Enable Multi-Factor Authentication (MFA) on the root account.
✔️ Use a strong password for the root account and change it regularly.
✔️ Avoid using the root account for daily tasks. Instead, create and use IAM users with the necessary permissions.
✔️ Delete access keys for the root account if they are not needed.
✔️ Enable CloudTrail logging to monitor all activities related to the root account.
✔️ Store the root account credentials securely and ensure they are only accessible to trusted individuals.
7. (True/False) An IAM user group can include IAM users and other user groups.
False
IAM user groups can only contain IAM users. IAM user groups cannot be part of other user groups.
8. Choose the element that is not a component of a statement in an IAM policy.
IAM policies are composed of one or more statements.
Choose the element that is not a component of a statement in an IAM policy.
Effect, Principle, Version, Action, Resource
Version is part of the IAM policy itself, not a part of the statement.
IAM policy statement consists of Sid, Effect, Principal, Action, Resource, and Condition.
9. What is the correct definition of an IAM Roles?
A set of permissions to create requests for AWS services, and an IAM entity that is used by AWS services
⭐ 정리 잘 된 블로그
- 블로그 주인님들 감사합니다🙏 잘보겠습니다
[AWS] IAM(Identity and Access Management) 정리
AWS IAM 사용 설명서 바로가기AWS 리소스에 대한 액세스를 안전하게 제어할 수 있는 웹 서비스.사용자가 리소스를 사용하기위해 IAM을 사용한 인증(로그인) 및 권한 확인을 거치게 한다AWS 계정을 처
velog.io
[AWS] 📚 IAM 개념 원리 & IAM 계정 · 정책 생성하기
IAM (Identity and Access Management) 란? IAM은 사용자의 접근 권한을 관리 하는 서비스 이다. IAM을 통해서 회사 내 AWS를 사용하는 사람들에게 부서 마달 사용자별로 AWS에서 제공하는 서비스들, 서비스에
inpa.tistory.com
[AWS] IAM 개념 및 용어 정리
IAM 용어 정리 위와 같이 AWS IAM에 들어가면 사용자, 정책, 권한, 그룹, 역할. 인스턴스 프로파일 등등 많은 용어들이 존재합니다. 어떤 S3, EC2, CodeDeploy와 같은 서비스를 이용할 때는 사용할 때 역할
devlog-wjdrbs96.tistory.com
'AWS' 카테고리의 다른 글
| [AWS] Solutions Architect Associate 실습7일차 - AWS EC2 (12) | 2025.01.22 |
|---|---|
| [AWS] 실습6일차 - AWS 예산 관리 Billing and Cost Managetment (setting Budget) (9) | 2025.01.22 |
| [AWS] 실습4일차 - AWS IAM ROLE, IAM 보안도구 등 (14) | 2025.01.20 |
| [AWS] 실습3일차 - AWS Access Key, CLI & SDK (6) | 2025.01.19 |
| [AWS] 실습2일차 - IAM: JSON 구조 & IAM MFA (다중인증) (4) | 2025.01.16 |
1. What are two common IAM (Identity and Access Management) security tools ?
IAM Access Analyzer
Shows the account creation time, whether the password is activated, the last time the password was changed, the last time the account was used, when the next password change is expected, whether MFA is enabled, whether access keys have been created, the last time the access key was rotated, the last time the access key was used, and the status of other access keys or authentication numbers being used.
- 비밀번호나 계정을 사용하지 않는 사용자들을 확인할 때 매우 유용함
IAM Credential Report
Shows accessed service, policies granting permissions, last acceessed time
- 사용자가 올바른 권한을 가지고 있는지 여부를 실제로 확인할 때 유용함
- 즉 액세스 관리자는 AWS에서 세부적인 사용자 액세스 권한을 수행해야 할 때 매우 유용함
2. Choose the incorrect statement about IAM users
❌ IAM users access AWS services through root account credentials.
✔️ IAM users access AWS services through their own credentials (username & password, or access keys).
3. Which of the following is considered an IAM best practice?
✔️ Do not use the root account.
4. What's IAM Policies?
✔️ IAM policies define a set of permissions to create requests for AWS services, and they are used by IAM users, user groups, and IAM roles in the form of JSON documents.
5. Which principle should be applied to IAM permissions among the following?
✔️ Principle of Least Privilege
6. What actions should be taken to enhance the security of the root account?
✔️ Enable Multi-Factor Authentication (MFA) on the root account.
✔️ Use a strong password for the root account and change it regularly.
✔️ Avoid using the root account for daily tasks. Instead, create and use IAM users with the necessary permissions.
✔️ Delete access keys for the root account if they are not needed.
✔️ Enable CloudTrail logging to monitor all activities related to the root account.
✔️ Store the root account credentials securely and ensure they are only accessible to trusted individuals.
7. (True/False) An IAM user group can include IAM users and other user groups.
False
IAM user groups can only contain IAM users. IAM user groups cannot be part of other user groups.
8. Choose the element that is not a component of a statement in an IAM policy.
IAM policies are composed of one or more statements.
Choose the element that is not a component of a statement in an IAM policy.
Effect, Principle, Version, Action, Resource
Version is part of the IAM policy itself, not a part of the statement.
IAM policy statement consists of Sid, Effect, Principal, Action, Resource, and Condition.
9. What is the correct definition of an IAM Roles?
A set of permissions to create requests for AWS services, and an IAM entity that is used by AWS services
⭐ 정리 잘 된 블로그
- 블로그 주인님들 감사합니다🙏 잘보겠습니다
[AWS] IAM(Identity and Access Management) 정리
AWS IAM 사용 설명서 바로가기AWS 리소스에 대한 액세스를 안전하게 제어할 수 있는 웹 서비스.사용자가 리소스를 사용하기위해 IAM을 사용한 인증(로그인) 및 권한 확인을 거치게 한다AWS 계정을 처
velog.io
[AWS] 📚 IAM 개념 원리 & IAM 계정 · 정책 생성하기
IAM (Identity and Access Management) 란? IAM은 사용자의 접근 권한을 관리 하는 서비스 이다. IAM을 통해서 회사 내 AWS를 사용하는 사람들에게 부서 마달 사용자별로 AWS에서 제공하는 서비스들, 서비스에
inpa.tistory.com
[AWS] IAM 개념 및 용어 정리
IAM 용어 정리 위와 같이 AWS IAM에 들어가면 사용자, 정책, 권한, 그룹, 역할. 인스턴스 프로파일 등등 많은 용어들이 존재합니다. 어떤 S3, EC2, CodeDeploy와 같은 서비스를 이용할 때는 사용할 때 역할
devlog-wjdrbs96.tistory.com
'AWS' 카테고리의 다른 글
| [AWS] Solutions Architect Associate 실습7일차 - AWS EC2 (12) | 2025.01.22 |
|---|---|
| [AWS] 실습6일차 - AWS 예산 관리 Billing and Cost Managetment (setting Budget) (9) | 2025.01.22 |
| [AWS] 실습4일차 - AWS IAM ROLE, IAM 보안도구 등 (14) | 2025.01.20 |
| [AWS] 실습3일차 - AWS Access Key, CLI & SDK (6) | 2025.01.19 |
| [AWS] 실습2일차 - IAM: JSON 구조 & IAM MFA (다중인증) (4) | 2025.01.16 |
