[AWS Cloud Practitioner(CLF-C01)] Cloud Concept 3편 - IAM Summary

IAM = Identity and Access Management, Global service

-Root account created by default, shouldn't be used or shared

-Users are people within your oranization, and can be grouped

-Groups only contain users, not other groups

-Users don't have to belong to a group, and user can belong to multiple groups

 

 

IAM Section  Summary

Users : mapped to a physical user,has a password for AWS Console

Groups : contains users only

Policies : JSON document the outlines permission for user or groups

Roles : for EC2 instances or AWS services

Security : MFA + Password Policy

AWS CLI : manage your AWS services using the command-line

AWS SDK : manage your AWS services using a programming language

Access Keys : access AWS using the CLI or SDK

Audit : IAM Credential Reports & IAM Access Advisor

 

 

* MFA = Multi Factor Authentication 

-> password you konw + security device you own (OTP 인증 로그인 방식)