This guide contains the notes that I created during the preparation for the AWS Certified Security Specialty exam. I’ve mostly used the content that was provided for free by AWS using their https://explore.skillbuilder.aws/, https://aws.amazon.com/whitepapers/?whitepapers-main.sort-by=item.additionalFields.sortDate&whitepapers-main.sort-order=desc&awsf.whitepapers-content-type=*all&awsf.whitepapers-global-methodology=*all&awsf.whitepapers-tech-category=*all&awsf.whitepapers-industries=*all&awsf.whitepapers-business-category=*all, and the https://docs.aws.amazon.com/?nc2=h_ql_doc_do.
There are 3 IAM access policy types: AWS managed – AWS managed policies are pre-defined policies that are created and managed by AWS.
AWS KMS is a huge part of the AWS Certified Security specialty exam, so please pay attention to this part of the guide!
KMS policy conditions – The kms:ViaService condition key limits the use of an AWS KMS CMK to requests from specified AWS services.