Home › AWS Cloud Practitioner › cloudcomputing › securitycompliance › AWS IAM Identity Center (formerly AWS SSO) prima…
AWS IAM Identity Center (formerly AWS SSO) primarily lets you:
AProvide a free CDN tier for static websites
BCentrally manage workforce access to multiple AWS accounts and third-party SaaS applications using a single identity
CReplace AWS KMS for key encryption operations
DAuto-scale EC2 capacity based on user logins per second
Answer & Solution
Correct answer: B. Centrally manage workforce access to multiple AWS accounts and third-party SaaS applications using a single identity
IAM Identity Center is the centralized federation hub — it lets workforce users sign in once with corporate identity (Active Directory, Okta, Entra ID) and get permission sets across many AWS accounts in an Organization, plus SAML-federated SaaS apps. It does not replace KMS, autoscale anything, or run a CDN.
Related questions
Which combination correctly describes encryption in transit versus encryption at rest?A team wants to block common web exploits like SQL injection and cross-site scripting at tAn organization wants to detect threats like unusual API calls, compromised EC2 instances,For Amazon RDS, which of the following best describes the shared responsibility split?What is the difference between an IAM user and an IAM role?The principle of least privilege, as applied via IAM, recommends that you:Which AWS service logs all API calls made against the AWS account, so administrators can aWhich task can ONLY be performed by the AWS account root user, and not by any IAM user eve