These are my notes for my exam prep and may not contain all the important aspects.

I am keeping notes for the areas that I find important and worthwile remembering so, this is by no means complete recap of the lessons

Source: Stephane Maarek, Udemy

3. Fundamentals IAM & EC2

AWS Regions

• Regions

• Regions > Availabilty Zones

• North America > US East 1 for example

IAM Introduction

• Users

• Groups

• Roles

• Root has all the power

• Users: physical user : you, me

• Group: Users grouped together, admin, devops, finance, engineer, design etc

• Role: Internal usage within AWS resources, those are for machines

• Policies: JSON docs that define what those things can/cannot do

• IAM is global, not region specific

• Can support Multi Factor Auth

• You can use pre-defined policies

• Least priviliged! all the time!

• IAM Federation

• IAM Dump

• 1 Person = 1 IAM User, not shared

• 1 App = 1 Role, not shared (this EC2 belongs to BackEnd Java Spring Server, Prod)

• Never write IAM Credentials in Code, duh

• Never use ROOT anymore, just create User and let user deal with it

EC2

• Rent virtual machines (ec2)
• Store data on Virtual Drive (EBS)
• Distribute the load across machines Elastic Load Balancer (ELB)
• Scale services using auto scaling group: ASG