AWS IAM Interview Questions
1. What is AWS IAM?
Amazon Web Services, Identity and Access Management (AWS IAM).
In other words, AWS IAM has a specific way of dealing with giving access and consent control within the organization.
IAM has overall control over who can use the assets and under what conditions they can be used. These are also classified as Authentication and Authorization.
- Are IAM users and root users the same?
No, The IAM user is a subset of the root user. The root user is also called the master user.
- How is authentication controlled in the IAM service?
- Manages federated users
- You can manage the users. You can control access keys, passwords, and multi-factor authentication.
- In the IAM service, can we monitor the IAM user activity?
Yes, you can monitor the activities of IAM users. If there is any violation, you can remove Access for the IAM user
- What is Authorization in terms of AWS IAM service?
It’s to provide Authorization for specific AWS resources – not all.
- . What is federated user access management?
A user who is allowed to access AWS resources from third-party vendors – such as Google, Facebook, Linked In, Corporate credentials, etc.
- What’s the other name of the IAM user?
You can also be called an IAM entity.
- How to control Authorization in AWS IAM?
You can control Authorization by creating policies.
- What are the 5 top security credentials in AWS IAM?
- Key pair
- The E-mail address and Password
- User-id and Password
- Access Keys
- Multi-factor authentication
- What is CloudTrail in AWS?
It’s a service that records the logs of each IAM entity so that you can use these logs for auditing and compliance purposes.
In these logs, you will get answers for what, where, when, who,which
- What was the request about?
- Where was the request made from and made to?
- When was the request made?
- Who made the request?
- Which resources were acted upon in response to the request?
- What are AWS IAM roles?
Grop – These people will have the same kind of Access
User–Specific IAM entity
- What are Temporary Security Credentials?
These are short-lived security credentials. These you can create from the AWS STS service (AWS Security Token Service).
- What is the IAM Hierarchy of Privileges?
- IAM user
- Root user
- User with temporary credentials
- What are the top AWS IAM Roles?
In AWS IAM, there are two types of roles. The IAM user will have a permanent identity. The federated user will not have an identity.
- What are the features of AWS IAM?
There are many features of AWS IAM few of them would be:
- Identity federation
- Secure Access to AWS resources for applications that run on Amazon EC2
- Granular permissions
- Multi-factor authentication (MFA)
- Integrated with many AWS services
- Free to use
- In what ways can AWS IAM be used?
You can work with AWS IAM in various ways, such as:
- AWS SDKs
- AWS Management Console
- IAM HTTPS API
- AWS Command Line Tools
- What are the terms of AWS IAM?
The IAM terms include IAM Entities, IAM Resources, and IAM Identities.
- What is ‘Principal’ in IAM?
A principal is an application or person who can request an operation or action on an AWS resource.
- What is ABAC for AWS?
Attribute-based access control (ABAC) is an authorization strategy that defines permissions based on attributes. In AWS, these attributes are called tags.
- What are the security features outside IAM?
Some of the security features outside IAM are Amazon EC2 and Amazon RDS, Amazon EC2, Workspaces, Amazon RDS, and Amazon WorkDocs.
- Do I need to sign up for IAM?
To use IAM, you do not need to sign up. You must first create an account to use IAM if you do not already have one. There is no charge for using IAM.
22.Why would one use the feature of giving Access to users using an AWS account?
Assume you want to add users to your AWS account and require them to use IAM attributes or have access to specific resources. In that case, you can use the feature of granting Access to AWS account users.
- How can one set up AWS IAM?
AWS Identity and Access Management (IAM) enables you to securely manage access to Amazon Web Services (AWS) and account assets. Your account qualifications can also be kept private by IAM.
- Can one access all the features of AWS with only one account?
One might obtain the characteristics that have been granted to them, and the Authorization can control the permissions. You can also enable access to resources across AWS accounts in some cases.
- What are some of the things you can do using IAM?
Some of the services offered by AWS IAM are:
Manage passwords for IAM users
List the users in your AWS account and get information about their credentials
Manage permissions for IAM users
Add multi-factor authentication (MFA)
Tag IAM resources
View the actions, resources, and condition keys for all services
Seeking knowledge is my ultimate comfort, I evolve by learning without getting interrupted, and I recommend it.