Home › Forums › AWS › AWS Certified Solutions Architect Professional › Review Mode Set 3 Question 18 › Reply To: Review Mode Set 3 Question 18
-
Hi VitalyKr,
Thank you for your feedback.
The options provided in the question are indeed based on different ways to implement identity federation between on-premises systems and AWS. The correct options describe scenarios where a broker service, either the web application itself or a separate identity broker, is used to authenticate against the on-premises LDAP server and then call AWS STS to get temporary credentials. These are valid scenarios, but I understand that the wording might have caused some confusion.
Regarding the diagram, it was not intended to be misleading or to make the question a trick one. The diagram provided is a broad representation of identity federation implementations, encompassing both SAML and non-SAML solutions. It’s designed to illustrate the general process rather than match every specific scenario.
We value your input and will make the necessary updates to improve the clarity of the question and its options. These changes should be reflected on the portal as soon as possible. Thank you again for helping us improve our service.
Best Regards.