🔥 3-day streak
AWS Certified Solutions Architect - Professional84 / 186
Question 84 of 186
A financial services company uses AWS IAM Identity Center (successor to AWS SSO) with an external SAML identity provider to grant workforce access across 40 accounts in AWS Organizations. The security team defines permission sets that reference AWS managed policies. Developers report that when they attempt to attach a large custom inline policy plus several AWS managed policies to a single permission set, provisioning to member accounts fails. The team also needs the ability to constrain the maximum permissions any assigned user can ever receive through a permission set, regardless of the policies attached. Which combination of actions correctly addresses both the provisioning failure and the permission-ceiling requirement?
Reviewed for accuracy · Report an issueNext question