A company needs to use its on-premises LDAP directory service to authenticate its users to the AWS Management Console. The directory service is not compatible with Security Assertion Markup Language (SAML). Which solution meets these requirements?

Questions › Category: SAA-C03 › A company needs to use its on-premises LDAP directory service to authenticate its users to the AWS Management Console. The directory service is not compatible with Security Assertion Markup Language (SAML). Which solution meets these requirements?

0 Vote Up Vote Down

Admin Staff asked 10 months ago

A company needs to use its on-premises LDAP directory service to authenticate its users to the AWS Management Console. The directory service is not compatible with Security Assertion Markup Language (SAML).
Which solution meets these requirements?

A. Enable AWS IAM Identity Center (AWS Single Sign-On) between AWS and the on-premises LDAP.

B. Create an IAM policy that uses AWS credentials, and integrate the policy into LDAP.

C. Set up a process that rotates the IAM credentials whenever LDAP credentials are updated.

D. Develop an on-premises custom identity broker application or process that uses AWS Security Token Service (AWS STS) to get short-lived credentials.








 

Correct Answer: D

This question is in SAA-C03 exam
For getting AWS Certified Solutions Architect Associate Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exams.