IAM
Describe the process of setting up multi-factor authentication (MFA) for an IAM user. Why is this recommended for enhanced security?
Setting up MFA for an IAM user involves associating a virtual or hardware MFA device with the user's account. When the user logs in, they need to provide a time-sensitive code from the MFA device along with their password. This adds an additional layer of security, as even if the password is compromised, unauthorized access is prevented without the physical MFA device.
What is AWS CloudFormation?
AWS CloudFormation is a service that allows you to define and provision infrastructure as code using templates. It helps you automate the process of creating and managing AWS resources in a consistent and repeatable manner
AWS Well-Architected Framework?
The AWS Well-Architected Framework is a set of best practices and guidelines provided by AWS to help architects design and build secure, high-performing, resilient, and efficient infrastructure for their applications.
What is Linux?
Linux is an open-source operating system kernel originally developed by Linus Torvalds in 1991. It serves as the foundation for various Linux distributions (distros) that include additional software to create complete operating systems.
What are the basic SQL commands for data retrieval?
What is an IAM policy evaluation? How does AWS determine whether an action is allowed or denied based on policies?
IAM policy evaluation is the process of determining whether a requested action is allowed or denied based on the policies attached to the user, group, or role. AWS evaluates policies in a top-down manner, matching the requested action against the policies' defined actions and resources. If any policy denies the action, the request is denied; otherwise, if all policies allow the action, the request is allowed
What is a CloudFormation template?
A CloudFormation template is a JSON or YAML formatted file that defines the desired AWS resources and their configuration. It describes the infrastructure components, such as EC2 instances, S3 buckets, and more, as code.
pillars of the AWS Well-Architected Framework?
Operational Excellence: Focuses on operational aspects, such as automation, managing workloads, and continuous improvement.
Security: Emphasizes protecting information, systems, and assets while maintaining data confidentiality and integrity.
Reliability: Aims to ensure a system operates continuously, recovers from failures, and scales to meet demand.
Performance Efficiency: Focuses on using resources efficiently to maintain system performance as workloads change and grow.
Cost Optimization: Aims to avoid unnecessary costs while optimizing spending based on business needs.
What is a Linux distribution?
A Linux distribution, or distro, is a complete operating system built on top of the Linux kernel. It includes various software components such as libraries, utilities, applications, and a package manager for software installation and management.
What is the purpose of the SQL "JOIN" operation?
The "JOIN" operation is used to combine rows from two or more tables based on a related column between them. It allows you to retrieve data from multiple tables in a single query.
Explain the difference between IAM policies and resource-based policies in AWS.
IAM policies are attached to identities (users, groups, roles) and define what actions those identities are allowed to perform on resources. Resource-based policies, on the other hand, are attached directly to AWS resources (like S3 buckets or Lambda functions) and define who or what is allowed to access that resource and how.
How does CloudFormation ensure the consistency of your infrastructure?
CloudFormation ensures consistency by allowing you to define your infrastructure as code in a template. When you deploy the template, CloudFormation automatically creates, updates, or deletes resources based on the template's specifications, reducing the risk of configuration drift.
How can operational excellence be achieved within the Well-Architected Framework?
Operational excellence can be achieved by using automation, defining processes, and continually refining operations. This involves monitoring, measuring, and learning from operational events to improve over time.
What is the role of the "root" user in Linux?
The "root" user, also known as the superuser, has full administrative privileges on a Linux system. It can perform tasks that regular users cannot, including system-wide configuration changes and file manipulation.
What is a primary key in SQL?
A primary key is a unique identifier for a row in a database table. It ensures that each row can be uniquely identified and serves as a reference for establishing relationships between tables.
What is the principle of least privilege, and how does it relate to IAM policies?
The principle of least privilege dictates that users and entities should have only the permissions necessary to perform their tasks, and nothing more. IAM policies enforce this principle by allowing you to specify the exact actions and resources users are allowed to access, reducing the risk of accidental or malicious actions.
What is a stack in CloudFormation
A stack is a collection of AWS resources that are created, updated, or deleted together as a unit. Each stack is associated with a CloudFormation template and represents a single infrastructure deployment.
What are some key security considerations within the Well-Architected Framework?
Key security considerations include implementing strong identity and access management, protecting data at rest and in transit, and using encryption. Regular security assessments and audits are also essential.
What is the purpose of the "chmod" command in Linux?
The "chmod" command is used to change permissions on files and directories in Linux. It allows you to control who can read, write, and execute
What is normalization in database design?
Normalization is the process of organizing a database to reduce data redundancy and ensure data integrity. It involves breaking down large tables into smaller, related tables and establishing relationships between them.
What is an IAM role, and in what scenarios might you use it? How does it differ from an IAM user?
An IAM role is an identity with permissions that can be assumed by another entity. Roles are often used in scenarios like granting permissions to AWS services, cross-account access, or allowing EC2 instances to access resources securely. Unlike IAM users, roles don't have permanent credentials and are temporary.
How do you create a stack using CloudFormation?
To create a stack, you need to upload a CloudFormation template to AWS, either via the AWS Management Console, AWS CLI, or SDKs. Then, you specify the stack name and any required parameters. CloudFormation will then orchestrate the creation of the defined resources.
What is the focus of the performance efficiency pillar in the Well-Architected Framework?
The performance efficiency pillar focuses on using resources efficiently to maintain system performance. This includes optimizing compute, storage, and database resources and using caching and content delivery networks.
What is the Linux file permission system?
The Linux file permission system uses a combination of three permissions for each file: read, write, and execute. These permissions are assigned separately for the owner of the file, the group associated with the file, and other users.
What is an aggregate function in SQL?
An aggregate function performs a calculation on a set of values and returns a single value. Common aggregate functions include "SUM," "AVG," "COUNT," "MIN," and "MAX."