SAA-C03 - Design Secure Architectures - Section 1.2
Design secure access across multiple accounts using AWS Organizations, IAM Identity Center and federation with external identity providers.
Describe how AWS Organizations structures accounts into organisational units, and how service control policies set permission guardrails that cap what any member account can do. Distinguish IAM Identity Center SSO from direct SAML federation, and choose the right pattern for cross-account access given trust, auditing, and centralisation requirements.
AWS OrganizationsIAM Identity CenterService control policiesSAML federation
More in this domain
Back to all Design Secure Architectures objectives, or the SAA-C03 cert hub.
Examworthy is not affiliated with or endorsed by Amazon Web Services. Original, blueprint-aligned practice material only.