AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company needs to centrally manage workforce identity access and permissions across AWS accounts and applications. Which AWS service provides this functionality?
Real Exam
Community
RRitesh
A
Amazon Cognito
B
AWS Control Tower
C
AWS IAM Identity Center
D
AWS IAM Roles Anywhere
Explanation:
Explanation
AWS IAM Identity Center (formerly AWS Single Sign-On) is the correct service for centrally managing workforce identity access and permissions across multiple AWS accounts and applications.
Why AWS IAM Identity Center is correct:
-
Centralized Identity Management: Provides a central place to manage access to multiple AWS accounts and business applications
-
Single Sign-On (SSO): Enables users to sign in once and access all their assigned accounts and applications
-
Workforce Identity: Specifically designed for managing employee, contractor, and partner identities
-
Multi-account Management: Can manage permissions across multiple AWS accounts in an organization
Why other options are incorrect:
-
Amazon Cognito: Primarily for customer identity and access management for web and mobile applications, not for workforce identity
-
AWS Control Tower: For setting up and governing a secure, multi-account AWS environment, not specifically for identity management
-
AWS IAM Roles Anywhere: For enabling IAM roles for workloads running outside of AWS, not for workforce identity management
AWS IAM Identity Center integrates with existing identity providers like Microsoft Active Directory and provides fine-grained access control across the AWS organization.
Comments
Loading comments...