ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS-SysOps All Questions

View all questions & answers for the AWS-SysOps exam
Go to Exam

Exam AWS-SysOps topic 1 question 741 discussion

Exam question from Amazon's AWS-SysOps
Question #: 741
Topic #: 1
[All AWS-SysOps Questions]

A SysOps Administrator is configuring AWS SSO for the first time. The Administrator has already created a directory in the master account using AWS Directory
Service and enabled full access in AWS Organizations.
What should the Administrator do next to configure the service?

  • A. Create IAM roles in each account to be used by AWS SSO, and associate users with these roles using AWS SSO.
  • B. Create IAM users in the master account, and use AWS SSO to associate the users with the accounts they will access.
  • C. Create permission sets in AWS SSO, and associate the permission sets with Directory Service users or groups.
  • D. Create service control policies (SCPs) in Organizations, and associate the SCPs with Directory Service users or groups.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
https://aws.amazon.com/blogs/security/how-to-create-and-manage-users-within-aws-sso/
by iamsajal at Aug. 13, 2020, 11:09 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
albert_kuo
9 months, 1 week ago
Selected Answer: C
AWS SSO uses permission sets to define the level of access and permissions granted to users or groups. These permission sets are associated with the users or groups within AWS SSO, allowing for centralized management of access across multiple AWS accounts. By creating permission sets in AWS SSO, the Administrator can define the specific permissions and access levels required for different users or groups. This includes associating the permission sets with the Directory Service users or groups created in the previous steps.
upvoted 1 times
...
abhishek_m_86
2 years, 5 months ago
C. Create permission sets in AWS SSO, and associate the permission sets with Directory Service users or groups. Seem correct
upvoted 1 times
...
jackdryan
2 years, 5 months ago
I'll go with C
upvoted 1 times
...
hurryhurry
2 years, 6 months ago
repeated
upvoted 1 times
...
waterzhong
2 years, 6 months ago
AWS Single Sign-On (AWS SSO) is a cloud service that allows you to grant your users access to AWS resources, such as Amazon EC2 instances, across multiple AWS accounts. By default, AWS SSO now provides a directory that you can use to create users, organize them in groups, and set permissions across those groups. You can also grant the users that you create in AWS SSO permissions to applications such Salesforce, Box, and Office 365. AWS SSO and its directory are available at no additional cost to you.
upvoted 1 times
...
iamsajal
2 years, 6 months ago
Yes, it's C.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago