AWS Certified Cloud Practitioner (CLF-C02) — Question 363

A company wants to allow users to authenticate and authorize multiple AWS accounts by using a single set of credentials.

Which AWS service or resource will meet this requirement?

Answer options

• A. AWS Organizations
• B. IAM user
• C. AWS IAM Identity Center (AWS Single Sign-On)
• D. AWS Control Tower

Correct answer: C

Explanation

AWS IAM Identity Center (formerly AWS Single Sign-On) centrally manages single sign-on access to multiple AWS accounts and business applications using one set of credentials. AWS Organizations is used for account consolidation and billing, whereas an IAM user is limited to a single AWS account. AWS Control Tower helps set up and govern multi-account environments but relies on AWS IAM Identity Center to provision the actual single sign-on capabilities.