Google Cloud IAM
In Google Cloud IAM, these identities are used by accounts, groups, and service accounts to access resources.
What are email addresses?
IAM roles provide this kind of access, which differs from long-term credentials like passwords or access keys. .
What is temporary access?
This cloud governance role is responsible for selecting, monitoring, implementing, and securing services.
What is a Cloud Service Manager?
Cloud Formation lets you model and provision AWS resources using this type of document.
What is a template?
CloudFormation allows you to reuse and nest these within templates.
What are nested stacks?
For G Suite and Cloud Identity domains, this is used as the identity.
What is a domain name?
An IAM role is assumed by this kind of AWS entity (human or non-human) to access resources. This AWS service allows engineers to define a collection of related AWS resources in templates, automatically provisioning and configuring them as a single unit.
What is a principal?
This actor in the NIST Cloud Reference Architecture delivers services to consumers.
What is a Cloud Service Provider (CSP)?
A collection of resources created from a CloudFormation template is called this.
What is a stack?
You can manage provisioning across multiple AWS accounts and regions with this service.
What is StackSets?
Google Cloud IAM members include these five possible types of entities.
What are Google accounts, service accounts, Google groups, G Suite domains, and Cloud Identity domains?
Unlike IAM users, IAM roles are not permanently associated with this.
What is a single person or entity?
The cloud service administrator typically manages this element of service lifecycle.
What is provisioning and configuration?
CloudFormation supports these two main template formats.
What are JSON and YAML?
CloudFormation integrates with this service to help enforce compliance and detect drift.
What is AWS Config?
IAM enables enforcement of this principle, which ensures that users get only the permissions they need.
What is the Principle of Least Privilege?
This AWS service allows you to centrally create and enforce policies across accounts using IAM roles.
What is AWS Organizations?
A Cloud Auditor provides an independent assessment of these three key areas.
What are security, privacy, and compliance?
You can preview the changes CloudFormation will make before executing them with this feature.
What is a Change Set?
This advanced feature lets you define dynamic values inside CloudFormation templates, often retrieved from AWS Systems Manager.
What are parameters or dynamic references?
IAM roles in Google Cloud can be categorized into three types. Name them.
What are basic roles, predefined roles, and custom roles?
This IAM feature lets you control what actions a role can perform, on which resources, and under which conditions.
What are IAM policies?
This role in cloud governance aligns IT activities with business goals.
What is a Cloud Governance Role?
CloudFormation automates infrastructure deployment as part of this DevOps practice.
What is Infrastructure as Code (IaC)?
CloudFormation supports creating and provisioning these, which include EC2, RDS, IAM, and more.
What are AWS resources?