AWS Certified Solutions Architect Associate SAA-C03 Practice Question
Your enterprise manages user identities and permissions through its centralized directory service. You need to allow these users to access cloud resources without creating individual cloud service accounts for them. What is the most appropriate solution for extending your enterprise directory service for secure, federated access to these resources?
Establish a SAML 2.0 federation between the enterprise directory and cloud identity service for role assumption in the cloud.
Implement a dedicated network connection from the enterprise to the cloud provider, facilitating secure access to cloud resources.
Provide each entity in the directory with static access credentials to programmatically manage resources in the cloud.
Create individual user accounts within the cloud for each entity in the enterprise directory and manage permissions directly.