🔥 3-day streak
AWS Certified Solutions Architect - Professional83 / 186
Question 83 of 186

A company uses AWS IAM Identity Center (federated to an external corporate IdP) to manage access across 60 accounts in AWS Organizations. Security requires a documented "break-glass" procedure that grants a small group of on-call engineers full administrative access to any account during a Sev-1 incident, even if the corporate IdP is unavailable. Normal daily access must continue to flow through the IdP. The solution must minimize the standing privileged footprint and provide a clear audit trail of when break-glass access is used. Which approach BEST meets these requirements?

Reviewed for accuracy · Report an issueNext question