A SysOps Administrator is tasked with making the AWS Management Console and AWS CLI access more streamlined and secure. The company uses Active Directory for internal IT resources. But for AWS, users share the account owner (root) login.
What is the recommended way for the Administrator to make access more secure and streamlined?

Answer options:

A.Store Active Directory logins using reversible encryption. Implement a script to query the Active Directory logins for Administrators and synchronize passwords with the matching AWS logins.
B.Create IAM users for each user that require AWS access and mirror their Active Directory groups with AWS IAM Groups. Allow users to keep passwords synchronized if they prefer.
C.Configure a SAML federation between AWS and the corporate Active Directory. Map Active Directory groups to IAM Roles to manage user permissions.
D.Move users to SSH keys and discontinue use of the root login. Make sure that keys are rotated every 90 days and disable password authentication to the console.

Correct Answer: C
The preferred setup is given in the AWS Documentation.
Since the preferred setup is already given, all other options are incorrect.
For more information on the preferred setup, please visit the below URL-
https://aws.amazon.com/blogs/security/enabling-federation-to-aws-using-windows-active-directory-adfs-and-saml-2-0/