A Region is a physical location in the world which consists of two or more Availability Zones (AZs).
An AZ is one or more discrete data centers, each with redundant power, networking and connectivity, housed in separate facilities.
Edge Locations are endpoints for AWS which are used for caching content. Typically this consists of CloudFront, Amazon's Content Delivery Network (CDN).
IAM (Identity Access Management) 101
What is IAM?
IAM allows you to manage users and their level of access to the AWS Console.
IAM offers the following features:
Centralized control of your AWS account
Shared Access to your AWS account
Granular Permissions
Identity Federation (including Active Directory, Facebook, LinkedIn etc.)
Multifactor Authentication
Provide temporary access for users/devices and services where necessary
Allows you to set up your own password rotation policy
Integrates with many different AWS services
Supports PCI DSS Compliance
Key Terms for IAM
Users : End Users such as people, employees of an organization etc.
Groups : A collection of users. Each user in the group will inherit the permissions of the group.
Policies : Policies are made up of documents, called Policy documents. These documents are in a format called JSON and they give permissions as to what a User/Group/Role is able to do.
Roles : You create roles and then assign them to AWS Resources.
Identity Access Management - LAB
What have we learnt so far?
IAM is universal. It does not apply to regions at this time.
The 'root account' is simply the account created when you first set up your AWS account. It has complete Admin access.
New Users have NO permissions when first created.
New Users are assigned Access Key ID & Secret Access Keys when first created.
These are not the same as a password. You cannot use the Access Key ID & Secret Access Key to log in to the console. You can use them to access AWS via the APIs and Command Line, however.
You only get to view these once. If you lose them, you have to regenerate them. So, save them in a secure location.
Always set up Multifactor Authentication on your root account.
You can create and customise your own password rotation policies.
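The relationship between Users, Groups and Policies described above, and the fact that a new user starts with no permissions, as an added example that is not part of the original notes. It is a simplified model of policy evaluation (explicit Deny wins, then Allow, otherwise implicit deny), not AWS's own engine; the user names, group name, bucket ARNs and sample policy are constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample policy document (not from the original notes).
READ_ONLY_S3 = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:List*"], "Resource": "*"},
    {"Effect": "Deny", "Action": "s3:DeleteObject", "Resource": "*"}
  ]
}
""")

# Hypothetical users and groups; members inherit the group's policies.
GROUP_POLICIES = {"analysts": [READ_ONLY_S3]}
USER_GROUPS = {"alice": ["analysts"], "new_user": []}
USER_POLICIES = {"alice": [], "new_user": []}  # nothing attached directly


def _as_list(value):
    # Policy fields may hold a single string or a list of strings.
    return value if isinstance(value, list) else [value]


def effective_policies(user):
    """Policies attached to the user plus those inherited from groups."""
    docs = list(USER_POLICIES.get(user, []))
    for group in USER_GROUPS.get(user, []):
        docs.extend(GROUP_POLICIES.get(group, []))
    return docs


def is_allowed(user, action, resource):
    """Explicit Deny wins, then Allow, otherwise implicit deny."""
    allowed = False
    for doc in effective_policies(user):
        for stmt in _as_list(doc["Statement"]):
            # fnmatch approximates the '*' and '?' wildcards; actions are
            # compared case-insensitively.
            action_hit = any(fnmatchcase(action.lower(), a.lower())
                             for a in _as_list(stmt["Action"]))
            resource_hit = any(fnmatchcase(resource, r)
                               for r in _as_list(stmt["Resource"]))
            if action_hit and resource_hit:
                if stmt["Effect"] == "Deny":
                    return False
                allowed = True
    return allowed
```
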