Answer: AWS Security Token Service (AWS STS)

AWS Security Token Service (AWS STS) is the service that provides temporary, limited-privilege security credentials to trusted users. These temporary credentials are used to access AWS resources without the need for long-term access keys. **Key points about AWS STS:** - Provides temporary security credentials that expire after a configurable period - Supports various federation scenarios including IAM roles, SAML, and web identity federation - Enables secure access for users, applications, and services without managing long-term credentials - Integrates with IAM roles to assume temporary permissions **Why other options are incorrect:** - **AWS Control Tower**: A service for setting up and governing a secure multi-account AWS environment, not for providing temporary credentials - **IAM user**: Provides long-term credentials, not temporary ones - **IAM web identity federation**: This is actually a use case that leverages AWS STS to provide temporary credentials, but AWS STS is the actual service that provides the credentials

Author: Ritesh Yadav