BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam SOA-C02 Topic 7 Question 101 Discussion

Actual exam question for Amazon's SOA-C02 exam
Question #: 101
Topic #: 7
[All SOA-C02 Questions]

A company that uses AWS Organizations recently implemented AWS Control Tower The company now needs to centralize identity management A SysOps administrator must federate AWS 1AM Identity Center with an external SAML 2.0 identity provider (IdP) to centrally manage access to all the company's accounts and cloud applications

Which prerequisites must the SysOps administrator have so that the SysOps administrator can connect to the external IdP? (Select TWO.)

Show Suggested Answer Hide Answer
Suggested Answer: A, B

IAM Identity Center SAML Metadata:

This metadata is required to establish the trust relationship between AWS IAM Identity Center and the external SAML 2.0 identity provider.

Steps:

Download the IAM Identity Center SAML metadata from the AWS Management Console.

Provide this metadata to the external IdP.

IdP Metadata:

The metadata from the IdP, including the public X.509 certificate, is needed to configure the trust relationship.

Steps:

Obtain the IdP metadata, which includes the entity ID, endpoints, and X.509 certificate.

Configure the IAM Identity Center with this information.


by Silvana at Sep 14, 2024, 08:36 PM

Limited Time Offer

25%

Off

Get Premium SOA-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Kerry
1 months ago
I'm not sure about the IP address of the IdP. Do we really need that for federating AWS 1AM Identity Center?
upvoted 0 times
...
Xuan
1 months ago
I agree with Elouise. Those are essential for connecting to the external IdP and centralizing identity management.
upvoted 0 times
...
Long
2 months ago
Alright, time to put on my detective hat. The SysOps admin needs the IdP metadata and the public X.509 certificate. Easy peasy, lemon squeezy!
upvoted 0 times
...
Sylvie
2 months ago
I bet the person who wrote this question was having a bad day. 'The IP address of the IdP'? Really? That's like asking for the phone number of the data center.
upvoted 0 times
Jesus
11 days ago
B: I have no idea. Seems like they could have worded this better.
upvoted 0 times
...
Carline
18 days ago
A: Exactly. And why would you need root access to the management account for this?
upvoted 0 times
...
German
27 days ago
B: I know right? It's not like we're going to knock on their door.
upvoted 0 times
...
Tequila
1 months ago
A: Definitely a strange question. Who needs the IP address of the IdP anyway?
upvoted 0 times
...
...
Josephine
2 months ago
To federate AWS IAM Identity Center with an external SAML 2.0 IdP, the SysOps admin needs the IdP metadata and the public X.509 certificate. That's a no-brainer!
upvoted 0 times
Marti
1 months ago
B: And don't forget about the public X.509 certificate!
upvoted 0 times
...
Valentine
2 months ago
A: The SysOps admin definitely needs the IdP metadata.
upvoted 0 times
...
...
Elouise
2 months ago
I think the prerequisites are having a copy of the 1AM Identity Center SAML metadata and the IdP metadata with the public X.509 certificate.
upvoted 0 times
...
Mirta
2 months ago
Root access to the management account? What is this, a superhero movie? The SysOps admin just needs the relevant permissions, not the entire kitchen sink!
upvoted 0 times
...

Save Cancel