Question 210:
An application hosted in a VPC is required to access the on-premises LDAP server. The VPC and the on-premises location are connected via an IPSec VPN. Which of the options below are the right ways for the application to authenticate each user? Choose 2 answers from the options below.
Answer options:
A. Develop an identity broker that authenticates against the IAM Security Token Service to assume the IAM role to get temporary AWS security credentials. The application calls the identity broker to get AWS temporary security credentials.
B. The application authenticates against LDAP and retrieves the name of an IAM role associated with the user. The application then calls the IAM Security Token Service to assume that IAM role. The application can use the temporary credentials to access any AWS resources.
C. Develop an identity broker that authenticates against LDAP and then calls IAM Security Token Service to get IAM federated user credentials. The application calls the identity broker to get IAM federated user credentials to access the appropriate AWS service.
D. The application authenticates against LDAP. The application then calls the AWS Identity and Access Management (IAM) Security service to log in to IAM using the LDAP credentials. The application can use the IAM temporary credentials to access the appropriate AWS service.