🔥 3-day streak
AWS Certified Solutions Architect - Professional78 / 186
Question 78 of 186
A financial services company uses AWS IAM Identity Center integrated with an external SAML identity provider. Auditors from a third-party firm require read-only console access to only the two AWS accounts in the 'Production-Regulated' OU during a 90-day engagement. Company policy mandates that no long-lived credentials be created, access must expire automatically at the end of the engagement, and auditors must never be able to reach any other account in the organization. Which approach best meets these requirements with the least ongoing administrative effort?
Reviewed for accuracy · Report an issueNext question