AWS Section10 advanced IAM

  1. What is web identity federation
    Gives users the ability to use authenticators like google or facebook to get authentication code to trade for temporary AWS security creds
  2. What provides web identity federation in AWS
    • - Amazon cognito
    • - Signup and sign-in to apps
    • - Access for guest users
    • - Acts as identity broker between app and web ID providers
    • - Synchronises user data for multiple devices
    • - Recommended for mobile apps of AWS
  3. Why is cognito so great
    No need for the app to embed or store AWS credentials on the device locally and gives users a seamless experience.
  4. What are cognito user pools
    User directories to manage the signup and signin functionality of mobile and web apps.

    Successful idendtication creates a bunch of json web tokens
  5. What are Identity pools?
    Enables you to create unique identities for your users and authenticate them with identiy providers. 

    You can obtain temporary limited privelege aws creds to access other aws services.
  6. What is push synchronisation?
    a service fro mcognito to send updates and synchronise user data. Kinda like kindle.

    It uses SNS to send a silent push notification to all devices associated with a given user identity when data stored in the cloud changes.
  7. What is are the different kinds of policies in AWS
    • Managed policy - AWS managed defualt policies. You cant edit them
    • Customer Managed policy - Managed by you and embedded in a single user, group or role
    • Inline policy - Managed by you and embedded in a single user, group or role.
  8. `give the differences between the policies and when you'd use them
Card Set
AWS Section10 advanced IAM