📋 IAM Cheat Sheet

Everything CLF-C02 candidates need to know about IAM users, groups, roles, policies, MFA, and least privilege.

Why This Cheat Sheet Matters for CLF-C02

This cheat sheet covers the most important AWS Identity and Access Management concepts tested on the CLF-C02 (AWS Cloud Practitioner) certification exam. It contains 3 sections with 13 key points that you should memorize before exam day. Master IAM users, groups, roles, policies, MFA, root account protection, least privilege, and identity federation at Cloud Practitioner depth. Use this as a quick-reference guide during your final review sessions.

Core Building Blocks

  • IAM is a global service.
  • Users represent people or workloads with long-term credentials.
  • Groups collect users and make permission management easier.
  • Roles are assumed temporarily by AWS services, applications, users, or external identities.
  • Policies are JSON permissions documents that allow or deny actions on resources.

Security Basics

  • Enable MFA on the root user and avoid using the root user for daily tasks.
  • Use least privilege: grant only the permissions needed to perform a task.
  • Prefer roles for AWS services and cross-account access.
  • Explicit Deny overrides Allow.
  • Use IAM Identity Center for workforce access across AWS accounts.

Exam Cues

  • Need temporary credentials? Think IAM role or AWS STS.
  • Need centralized workforce sign-in? Think IAM Identity Center.
  • Need account-level guardrails across accounts? Think Organizations SCPs.
