Which technique can be used to integrate AWS IAM (Identity and Access Management) with
an on-premise LDAP (Lightweight Directory Access Protocol) directory service?
A.
Use an IAM policy that references the LDAP account identifiers and the AWS credentials.
B.
Use SAML (Security Assertion Markup Language) to enable single sign-on between AWS and
LDAP.
C.
Use AWS Security Token Service from an identity broker to issue short-lived AWS credentials.
D.
Use IAM roles to automatically rotate the IAM credentials when LDAP credentials are updated.
E.
Use the LDAP credentials to restrict a group of users from launching specific EC2 instance types.
Explanation:
https://d0.awsstatic.com/whitepapers/aws-whitepaper-single-sign-on-integrating-aws-openldap-and-shibboleth.pdf
B