Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam SOA-C02 Topic 7 Question 101 Discussion

Actual exam question for Amazon's SOA-C02 exam
Question #: 101
Topic #: 7
[All SOA-C02 Questions]

A company that uses AWS Organizations recently implemented AWS Control Tower The company now needs to centralize identity management A SysOps administrator must federate AWS 1AM Identity Center with an external SAML 2.0 identity provider (IdP) to centrally manage access to all the company's accounts and cloud applications

Which prerequisites must the SysOps administrator have so that the SysOps administrator can connect to the external IdP? (Select TWO.)

Show Suggested Answer Hide Answer
Suggested Answer: A, B

IAM Identity Center SAML Metadata:

This metadata is required to establish the trust relationship between AWS IAM Identity Center and the external SAML 2.0 identity provider.

Steps:

Download the IAM Identity Center SAML metadata from the AWS Management Console.

Provide this metadata to the external IdP.

IdP Metadata:

The metadata from the IdP, including the public X.509 certificate, is needed to configure the trust relationship.

Steps:

Obtain the IdP metadata, which includes the entity ID, endpoints, and X.509 certificate.

Configure the IAM Identity Center with this information.


Contribute your Thoughts:

Kerry
11 days ago
I'm not sure about the IP address of the IdP. Do we really need that for federating AWS 1AM Identity Center?
upvoted 0 times
...
Xuan
12 days ago
I agree with Elouise. Those are essential for connecting to the external IdP and centralizing identity management.
upvoted 0 times
...
Long
29 days ago
Alright, time to put on my detective hat. The SysOps admin needs the IdP metadata and the public X.509 certificate. Easy peasy, lemon squeezy!
upvoted 0 times
...
Sylvie
30 days ago
I bet the person who wrote this question was having a bad day. 'The IP address of the IdP'? Really? That's like asking for the phone number of the data center.
upvoted 0 times
German
4 days ago
B: I know right? It's not like we're going to knock on their door.
upvoted 0 times
...
Tequila
16 days ago
A: Definitely a strange question. Who needs the IP address of the IdP anyway?
upvoted 0 times
...
...
Josephine
1 months ago
To federate AWS IAM Identity Center with an external SAML 2.0 IdP, the SysOps admin needs the IdP metadata and the public X.509 certificate. That's a no-brainer!
upvoted 0 times
Marti
19 days ago
B: And don't forget about the public X.509 certificate!
upvoted 0 times
...
Valentine
29 days ago
A: The SysOps admin definitely needs the IdP metadata.
upvoted 0 times
...
...
Elouise
1 months ago
I think the prerequisites are having a copy of the 1AM Identity Center SAML metadata and the IdP metadata with the public X.509 certificate.
upvoted 0 times
...
Mirta
1 months ago
Root access to the management account? What is this, a superhero movie? The SysOps admin just needs the relevant permissions, not the entire kitchen sink!
upvoted 0 times
...

Save Cancel