AWS Certified SysOps Administrator – Associate (legacy) — Question 722

In AWS Identity and Access Management, roles can be used by an external user authenticated by an external identity provider (IdP) service that is compatible with
_____.

Answer options

• A. BNML (Business Narrative Markup Language)
• B. CFML (ColdFusion Markup Language)
• C. SAML 2.0 (Security Assertion Markup Language 2.0)
• D. BPML (Business Process Modeling Language)

Correct answer: C

Explanation

AWS Identity and Access Management (IAM) supports federated access by integrating with external identity providers that are compatible with the SAML 2.0 (Security Assertion Markup Language 2.0) standard. Other options like BNML, CFML, and BPML are development, modeling, or narrative markup languages that do not provide federated identity or authentication capabilities. This compatibility allows organizations to leverage their existing directory services to grant users secure access to AWS resources without creating individual IAM users.