Multiple Choice
An organization with a large IT department has decided to migrate to AWS. With different job functions in the IT department, it is not desirable to give all users access to all AWS resources. Currently the organization handles access via LDAP group membership. What is the BEST method to allow access using current LDAP credentials?
A) Create an AWS Directly Service Simple AD. Replicate the on-premises LDAP directory to Simple AD.
B) Create a Lambda function to read LDAP groups and automate the creation of IAM users.
C) Use AWS CloudFormation to create IAM roles. Deploy Direct Connect to allow access to the on-premises LDAP server.
D) Federate the LDAP directory with IAM using SAML. Create different IAM roles to correspond to different LDAP groups to limit permissions.
Correct Answer:
Verified
Correct Answer:
Verified
Q910: A web application runs on Amazon EC2
Q911: Two companies will be working on several
Q912: A SysOps Administrator has configured a CloudWatch
Q913: An organization is using AWS since a
Q914: How can the domain's zone apex for
Q916: A Development team has an application stack
Q917: A user has created a VPC with
Q918: A SysOps Administrator is responsible for managing
Q919: An Amazon EC2 instance is unable to
Q920: You have a server with a 5O0GB