
Explanation:
To set up SAML 2.0 federation with an external IdP in IAM Identity Center, you need to exchange metadata: download the IAM Identity Center SAML metadata and upload the IdP metadata (including the certificate used for signing). The IdP's IP address, root access, and member-account permissions are not specifically required for this setup.
A company using AWS Control Tower needs to federate IAM Identity Center with an external SAML 2.0 IdP. Which TWO prerequisites must be in place to connect to the external IdP?
A. A copy of the IAM Identity Center SAML metadata
B. The IdP metadata including the public X.509 certificate
C. The IP address of the IdP
D. Root access to the management account
E. Administrative permissions to the member accounts