🔥 3-day streak
AWS Certified Security - Specialty71 / 157
Question 71 of 157
A company uses AWS IAM Identity Center (successor to AWS SSO) federated with an external SAML identity provider. The security team wants users to access only the AWS resources tagged with the same cost center as the user, without creating a separate permission set per cost center. Each user's cost center is stored as an attribute in the corporate IdP. Which approach BEST meets this requirement while minimizing the number of permission sets to maintain?
Reviewed for accuracy · Report an issueNext question