ExpertMedium1 markMultiple Choice
AWS SAA-C03 · Question 03 · Domain 1.1: Secure Access
A company wants to implement federated access to the AWS Management Console for its employees using their existing on-premises Active Directory. Which TWO services or features can be used to achieve this? (Select TWO.)
A company wants to implement federated access to the AWS Management Console for its employees using their existing on-premises Active Directory. Which TWO services or features can be used to achieve this? (Select TWO.)
Answer options:
A.
AWS IAM Identity Center (AWS SSO)
B.
Amazon Cognito user pools
C.
AWS Directory Service for Microsoft Active Directory
D.
AWS Identity and Access Management (IAM) SAML 2.0 federation
E.
AWS Resource Access Manager (RAM)
How to approach this question
Identify services that support workforce identity federation to the AWS Console.
Full Answer
AWS IAM Identity Center (AWS SSO), AWS Identity and Access Management (IAM) SAML 2.0 federation
IAM Identity Center and IAM SAML federation are the two primary ways to grant on-premises AD users access to the AWS Management Console.
Common mistakes
Selecting Cognito, which is for application users, not AWS console administrators.
Practice the full AWS SAA-C03 Practice Exam 7
65 questions · hints · full answers · grading
More questions from this exam
Q01A company has multiple AWS accounts in an AWS Organizations organization. The security team needs...MediumQ02An application runs on Amazon EC2 instances and needs to access an Amazon S3 bucket. What is the ...EasyQ04A company is building a mobile application that requires users to sign in using their social medi...EasyQ05A security team wants to enforce MFA for all IAM users before they can terminate EC2 instances. H...MediumQ06A company needs to grant a third-party vendor access to an S3 bucket in its AWS account. The vend...Hard