ACC Ewha

[ACC Study Week 1] Section 1. Introduction AWS ~ Section 4. IAM & AWS CLI

by leko 2024. 4. 12.

AWS : cloud provider 

servers and services that you can use on demand and scale easily

region: cluster of data centers

AWS has regions all around the world

most aws services are region-scoped 

How to choose a region

: compliance

: proximity

: available services

:  pricing

AWS Availability Zones

: discrete data centers with redundant power, networking and connectivity

 

IAM password policy - make it strong

MFA (multi-factor authentication) - to avoid getting hacked

 

How to access AWS

1) AWS management console

Access Key / Secret Access Key

2) AWS CLI

3) AWS SDK

 

AWS CloudShell

Commands

aws iam list-users

aws iam list-users --region <region>

 

IAM Role for services

assign permissions to AWS services with IAM roles

Lambda function roles / roles for CloudFormation / EC2 instance roles

 

IAM Security Tools

1) IAM Credentials Report (account-level)

2) IAM Access Advisor (user-level)

 

one physical user = one AWS user

 users -> groups  

permissions -> groups

user access keys (for CLI / SDK)

 

users: mapped to a physical user 

groups : contains users only 

policies: JSON document that outlines permissions for users or groups

roles: for EC2 instances or AWS services

security: MFA + password policy

AWS CLI:

AWS SDK:

Access Keys: access AWS using the CLI or SDK

Audit: IAM credential reports and IAM access advisor

 

 

 

quiz

IAM User Groups can contain IAM Users and other User Groups. - false

IAM User can belong to multiple User Groups - true

IAM Users access AWS services using root account credentials - false