ExpertMedium1 markMultiple Choice
AWS SAA-C03 · Question 15 · Domain 1.1: Secure Access
A company has 50 AWS accounts managed by AWS Organizations. They want to provide their employees with single sign-on (SSO) access to these accounts using their existing on-premises Active Directory. Which AWS service should they use?
A company has 50 AWS accounts managed by AWS Organizations. They want to provide their employees with single sign-on (SSO) access to these accounts using their existing on-premises Active Directory. Which AWS service should they use?
Answer options:
A.
AWS Directory Service for Microsoft Active Directory
B.
AWS IAM Identity Center
C.
Amazon Cognito
D.
AWS STS
How to approach this question
Match 'multi-account SSO' and 'workforce identity' to IAM Identity Center.
Full Answer
B.AWS IAM Identity Center✓ Correct
AWS IAM Identity Center
AWS IAM Identity Center is the recommended service for managing workforce access to AWS applications and multiple AWS accounts. It integrates easily with existing identity sources like Active Directory.
Common mistakes
Choosing Cognito, which is meant for application users, not AWS account administrators.
Practice the full AWS SAA-C03 Practice Exam 5
65 questions · hints · full answers · grading
More questions from this exam
Q01A company needs to grant an external auditor read-only access to specific AWS resources. The audi...EasyQ02An application running on EC2 instances needs to access objects in an S3 bucket. The security tea...MediumQ03A company is designing a VPC for a multi-tier web application. They need to block specific malici...MediumQ04A large enterprise uses AWS Organizations to manage multiple accounts. The security team wants to...HardQ05A company hosts a web application on an Application Load Balancer (ALB). They are experiencing SQ...Medium