Your company has recently extended its datacenter into a VPC on AVVS to add burst computing
capacity as needed Members of your Network Operations Center need to be able to go to the
AWS Management Console and administer Amazon EC2 instances as necessary You don’t want
to create new IAM users for each NOC member and make those users sign in again to the AWS
Management Console Which option below will meet the needs for your NOC members?
A.
Use OAuth 2 0 to retrieve temporary AWS security credentials to enable your NOC members to
sign in to the AWS Management Console.
B.
Use web Identity Federation to retrieve AWS temporary security credentials to enable your NOC
members to sign in to the AWS Management Console.
C.
Use your on-premises SAML 2.0-compliant identity provider (IDP) to grant the NOC members
federated access to the AWS Management Console via the AWS single sign-on (SSO) endpoint.
D.
Use your on-premises SAML 2.0-compliam identity provider (IDP) to retrieve temporary security
credentials to enable NOC members to sign in to the AWS Management Console.
C
C
I thought C and D are the SAME, what’s the difference?
C
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html
C is for Single Sign Onto AWS console.
D is for API access.
That’s correct! Thanks for the explanation! It is really subtle.