🔥 3-day streak
AWS Certified Security - Specialty57 / 157
Question 57 of 157
A company uses AWS IAM Identity Center integrated with an external SAML 2.0 identity provider (IdP) for workforce single sign-on across multiple AWS accounts. The security team wants each user's home region and cost-center to be passed from the IdP at sign-in so that permission sets can enforce access using policy conditions that reference these values, without creating a separate permission set per cost-center. What is the correct way to achieve this?
Reviewed for accuracy · Report an issueNext question