Term 151
IAM group
An IAM group is a collection of IAM users in a cloud or identity system that simplifies permission management by allowing you to assign policies to multiple users at once.
Acronym study
Terms 151–180 of 321 Google ACE acronyms and key terms. Each entry includes a plain-English definition and a link to the full 800-word glossary page with exam context and practice questions.
Term 151
An IAM group is a collection of IAM users in a cloud or identity system that simplifies permission management by allowing you to assign policies to multiple users at once.
Term 152
An IAM misconfiguration occurs when identity and access management settings are incorrectly set, granting too many or too few permissions to users or services, which can lead to security breaches or operational failures.
Term 153
An IAM policy is a set of rules that determines who can access specific cloud resources and what actions they are allowed to perform.
Term 154
An IAM role is a set of permissions that an entity can assume temporarily to access cloud resources securely.
Term 155
An IAM user is an identity created in AWS Identity and Access Management that represents a person or service interacting with AWS resources, with its own credentials and permissions.
Term 156
An image is a complete snapshot of a system's operating system, applications, and settings, used to deploy or restore computing environments quickly.
Term 157
An inbound ACL is a set of rules applied to network traffic entering an interface that decides whether to allow or block that traffic based on criteria like source IP, destination port, or protocol.
Term 158
Ingress is a Kubernetes API object that manages external access to services within a cluster, typically via HTTP or HTTPS routing rules.
Term 159
An instance template is a reusable configuration blueprint that defines the virtual machine settings, such as machine type, boot disk image, and network, for creating identical VM instances in Google Cloud Platform.
Term 160
Inter-VLAN routing is the process of forwarding network traffic between different VLANs to enable communication across logically separated broadcast domains.
Term 161
An Internet gateway is a cloud networking component that provides a connection between a virtual private cloud (VPC) and the public Internet, enabling resources in the VPC to send and receive traffic to and from the Internet.
Term 162
An IP address is a unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
Term 163
An IP conflict occurs when two devices on the same network attempt to use the same IP address, causing communication disruptions.
Term 164
A Cisco IOS command that forwards broadcast traffic from one subnet to a specific server on another subnet, allowing devices to obtain IP configuration or other services without needing a router or server on their local network.
Term 165
IP Source Guard is a network security feature that blocks IP address spoofing by verifying that each packet's source IP address matches an authorized binding assigned to that switch port.
Term 166
IPv4 is the fourth version of the Internet Protocol, a set of rules that assigns unique numerical addresses to devices so they can communicate over networks like the internet.
Term 167
An IPv4 address is a unique 32-bit numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
Term 168
IPv6 is the most recent version of the Internet Protocol, designed to replace IPv4 by providing a vastly larger number of unique addresses and improved network features.
Term 169
An IPv6 address is a 128-bit numeric label used to identify a device on an Internet Protocol network, designed to replace IPv4 due to the exhaustion of available addresses.
Term 170
An IPv6 global unicast address is a public, globally unique IP address assigned to a single network interface, allowing direct communication over the Internet.
Term 171
An IPv6 link-local address is a self-assigned, non-routable address used for communication between devices on the same network segment without needing a central server.
Term 172
A set of machines, called nodes, that work together to run and manage containerized applications using Kubernetes orchestration software.
Term 173
Kubernetes RBAC is a security mechanism that controls who can access and perform actions on resources in a Kubernetes cluster based on their role.
Term 174
Kubernetes security is the practice of protecting containerized applications, the Kubernetes cluster itself, and the underlying infrastructure from unauthorized access, data breaches, and system vulnerabilities.
Term 175
A KVM switch is a hardware device that allows you to control multiple computers from a single keyboard, monitor, and mouse.
Term 176
Key-value pairs that AWS Lambda makes available to your function code at runtime, used to pass configuration settings like database URLs or feature flags without hardcoding them.
Term 177
A Lambda function is a piece of code that runs in the cloud without you having to manage any servers, and it only runs when you tell it to, saving you money and effort.
Term 178
A Lambda handler is the specific function in your code that AWS Lambda invokes to start processing an event, acting as the main entry point for your serverless application.
Term 179
A Lambda layer is a ZIP archive that contains libraries, custom runtimes, or other dependencies that you can use with your AWS Lambda functions.
Term 180
Lambda memory is the amount of RAM allocated to an AWS Lambda function, which also determines its CPU power and network throughput.