ExpertMedium1 markMultiple Choice
AWS SAA-C03 · Question 12 · Domain 1.1: Secure Access
A company uses AWS Organizations to manage multiple AWS accounts. They want to implement a single sign-on solution for their developers using their existing on-premises Microsoft Active Directory. Which TWO actions are required? (Select TWO.)
A company uses AWS Organizations to manage multiple AWS accounts. They want to implement a single sign-on solution for their developers using their existing on-premises Microsoft Active Directory. Which TWO actions are required? (Select TWO.)
Answer options:
A.
Use AWS IAM Identity Center.
B.
Use Amazon Cognito User Pools.
C.
Connect IAM Identity Center to the on-premises AD using AWS Directory Service.
D.
Create IAM users for every developer in each account.
E.
Use AWS STS to generate long-term credentials.
How to approach this question
Identify the workforce identity service and the AD connection method.
Full Answer
AWS IAM Identity Center (formerly AWS SSO) centrally manages access to multiple AWS accounts. It can connect to an on-premises AD using AWS Directory Service (AD Connector).
Common mistakes
Choosing Cognito for workforce authentication.
Practice the full AWS SAA-C03 Practice Exam 2
65 questions · hints · full answers · grading
More questions from this exam
Q01A company wants to ensure that no AWS resources can be created in the ap-northeast-1 region acros...EasyQ02A web application runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The com...EasyQ03A company is storing highly sensitive data in an Amazon S3 bucket. The security team requires tha...MediumQ04An application running on an EC2 instance needs to access an Amazon DynamoDB table in a different...HardQ05A company needs to store database credentials securely. The credentials must be automatically rot...Medium