{"id":295,"date":"2019-02-05T11:07:15","date_gmt":"2019-02-05T11:07:15","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=295"},"modified":"2022-03-03T11:23:07","modified_gmt":"2022-03-03T11:23:07","slug":"aws-iam-key-feature","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/","title":{"rendered":"IAM Key Features"},"content":{"rendered":"\n<p>We learn the IAM Key Features in this section.<\/p>\n\n\n\n<p>The IAM Key Features include:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Multi-Factor Authentication (MFA)<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>adds an extra layer of security to AWS infrastructure<\/li><li>adds a second method of authentication<\/li><li>With MFA, authentication also requires entering a One-Time Password (OTP) from a small device.<\/li><li>MFA device can be small hardware device to carry or virtual device via an app on smart phone<\/li><li>MFA can be assigned to any IAM user account &#8211; whether person or application.<\/li><li>If IAM user is person with MFA, attempts to access AWS Management Console, after providing their password, will be prompted to enter current code displayed on their MFA device before being granted access.<\/li><li>For an IAM application with MFA, it must query application user to provide current code, which the application will then pass to the API.<\/li><li>recommended that AWS customers add MFA protection to their root user.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Rotating Keys<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>The security risk of any credential increases with age of credential.<\/li><li>Hence, security best practice is to rotate access keys associated with IAM users.<\/li><li>IAM facilitates this process by allowing two active access keys at a time.<\/li><li>The process to rotate keys can be conducted via the console, CLI, or SDKs:<\/li><\/ul>\n\n\n\n<p>Steps for rotating key implementation<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Create a new access key for the user.<\/li><li>Reconfigure all applications to use the new access key.<\/li><li>Disable the original access key (disabling instead of deleting at this stage is critical, as it allows rollback to the original key if there are issues with the rotation).<\/li><li>Verify the operation of all applications.<\/li><li>Delete the original access key.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Resolving Multiple Permissions<\/strong><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>multiple permissions will be applicable when determining whether a principal has privilege to perform some action.<\/li><li>permissions may come from multiple policies associated with a principal or resource policies attached to the AWS resource in question.<\/li><li>conflicts between these permissions are resolved, as <ul><li>Initially the request is denied by default. <\/li><\/ul><ul><li>All the appropriate policies are evaluated; if there is an explicit \u201cdeny\u201d found in any policy, the request is denied and evaluation stops. <\/li><\/ul><ul><li>Then, if no explicit \u201cdeny\u201d is found and an explicit \u201callow\u201d is found in any policy, the request is allowed. <\/li><\/ul><ul><li>If there are no explicit \u201callow\u201d or \u201cdeny\u201d permissions found, then the default \u201cdeny\u201d is maintained and the request is denied. <\/li><\/ul><\/li><li>Exception to it, if an AssumeRole call includes a role and a policy, the policy cannot expand the privileges of the role (for example, the policy cannot override any permission that is denied by default in the role).<\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>We learn the IAM Key Features in this section. The IAM Key Features include: Multi-Factor Authentication (MFA) adds an extra layer of security to AWS infrastructure adds a second method of authentication With MFA, authentication also requires entering a One-Time Password (OTP) from a small device. MFA device can be small hardware device to carry&#8230;<\/p>\n","protected":false},"author":1,"featured_media":298,"parent":53,"menu_order":19,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[2],"tags":[7,13,14,5,32],"class_list":["post-295","page","type-page","status-publish","has-post-thumbnail","hentry","category-amazon-aws","tag-aws","tag-aws-certified-solutions-architect-professional","tag-aws-exam-dumps","tag-aws-solutions-architect","tag-iam-key-features"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>AWS IAM Key Features - Testprep Training Tutorials<\/title>\n<meta name=\"description\" content=\"Get ready to qualify exam -Learn more about IAM Key Features and practice hundreds of questions to become certified AWS Associate Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"AWS IAM Key Features - Testprep Training Tutorials\" \/>\n<meta property=\"og:description\" content=\"Get ready to qualify exam -Learn more about IAM Key Features and practice hundreds of questions to become certified AWS Associate Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-03T11:23:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/02\/IAM-Key-Features.png\" \/>\n\t<meta property=\"og:image:width\" content=\"785\" \/>\n\t<meta property=\"og:image:height\" content=\"295\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/\",\"name\":\"AWS IAM Key Features - Testprep Training Tutorials\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2019-02-05T11:07:15+00:00\",\"dateModified\":\"2022-03-03T11:23:07+00:00\",\"description\":\"Get ready to qualify exam -Learn more about IAM Key Features and practice hundreds of questions to become certified AWS Associate Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AWS Certified Solutions Architect Associate (SAA-C03)\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"IAM Key Features\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"AWS IAM Key Features - Testprep Training Tutorials","description":"Get ready to qualify exam -Learn more about IAM Key Features and practice hundreds of questions to become certified AWS Associate Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/","og_locale":"en_US","og_type":"article","og_title":"AWS IAM Key Features - Testprep Training Tutorials","og_description":"Get ready to qualify exam -Learn more about IAM Key Features and practice hundreds of questions to become certified AWS Associate Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2022-03-03T11:23:07+00:00","og_image":[{"width":785,"height":295,"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2019\/02\/IAM-Key-Features.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/","name":"AWS IAM Key Features - Testprep Training Tutorials","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2019-02-05T11:07:15+00:00","dateModified":"2022-03-03T11:23:07+00:00","description":"Get ready to qualify exam -Learn more about IAM Key Features and practice hundreds of questions to become certified AWS Associate Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/aws-iam-key-feature\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"AWS Certified Solutions Architect Associate (SAA-C03)","item":"https:\/\/www.testpreptraining.ai\/tutorial\/aws-certified-solutions-architect-associate-table-of-content\/"},{"@type":"ListItem","position":3,"name":"IAM Key Features"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/295","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=295"}],"version-history":[{"count":8,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/295\/revisions"}],"predecessor-version":[{"id":51866,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/295\/revisions\/51866"}],"up":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/53"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media\/298"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}