AWS Certified Developer Associate DVA-C02 Practice Question

To integrate a corporate Active Directory and provide temporary AWS credentials, the team should use an Amazon Cognito Identity Pool with SAML-based federation. Identity Pools are designed to create unique identities for users and federate them with identity providers, ultimately providing them with temporary AWS credentials to access other AWS services. While a Cognito User Pool can also federate with a SAML identity provider like Active Directory, its primary function is to provide authentication tokens (JWTs) for your application, not to directly grant AWS credentials. AWS IAM Identity Center is used for managing access to AWS accounts and cloud applications for an organization's workforce, not for providing credentials to an application's end-users. AWS Directory Service for Microsoft Active Directory is a managed AD service and not the correct choice for federating an existing corporate directory for application sign-in.