Answer-first summary for fast verification
Answer: AWS Identity and Access Management (IAM)
## Explanation **AWS Identity and Access Management (IAM)** is the correct answer because: - **IAM** is AWS's core service for managing access to AWS services and resources - It allows you to create and manage AWS users and groups - You can set permissions to control which AWS services and resources users can access - IAM provides centralized control of your AWS account - It integrates with existing identity systems through federation **Why other options are incorrect:** - **AWS Directory Service**: Used for integrating with Microsoft Active Directory, not the primary tool for managing AWS users/groups - **AWS Organizations**: Used for managing multiple AWS accounts, not individual user/group management - **AWS Single Sign-On**: Provides single sign-on access, but IAM is still needed for user/group management - **AWS Cognito**: Used for adding user sign-up/sign-in to mobile and web apps, not for managing AWS administrative access - **AWS CloudTrail**: Used for logging and monitoring API activity, not for user/group management For an operational team managing both on-premise and AWS identities, IAM would be the primary tool they need to learn and use for managing AWS users and groups.
Author: Ritesh Yadav
Ultimate access to all questions.
No comments yet.
Currently your organization has an operational team that takes care of ID management in their on-premise data center. They now also need to manage users and groups created in AWS. Which of the following AWS tools would they need to use for performing this management function.
A
AWS Identity and Access Management (IAM)
B
AWS Directory Service
C
AWS Organizations
D
AWS Single Sign-On
E
AWS Cognito
F
AWS CloudTrail