Table of Contents
Why Does IAM Identity Center Require All Features in AWS Organizations?
Discover the essential prerequisites for configuring AWS IAM Identity Center. Learn why enabling AWS Organizations with all features is a mandatory technical requirement for centralized access management across your AWS accounts and why other settings are insufficient.
Question
Which is a prerequisite for setting up AWS IAM Identity Center?
A. Root user of the Management Account must have MFA enabled
B. AWS Organizations service and Consolidated Billing features set to enabled
C. AWS Organizations service and all features set to enabled
Answer
C. AWS Organizations service and all features set to enabled
Explanation
The correct answer is C. Setting up AWS IAM Identity Center requires that you have an organization created through AWS Organizations with the all features setting enabled.
IAM Identity Center is designed to function as the central hub for managing user access across all accounts within an AWS Organization. To achieve this, it relies on the advanced governance and integration capabilities that are only available when the “all features” set is enabled. This feature set allows IAM Identity Center to discover accounts, apply permission sets consistently, and integrate with other management services. The “consolidated billing” only mode does not provide the necessary framework for these cross-account management functions.
Option A is incorrect because enabling Multi-Factor Authentication (MFA) on the management account’s root user is a critical security best practice, but it is not a technical prerequisite for enabling IAM Identity Center.
Option B is incorrect because the “consolidated billing” feature set is the default and most basic configuration for AWS Organizations. It only groups accounts for billing purposes and lacks the advanced management capabilities that IAM Identity Center depends on to function.
AWS Security Governance at Scale certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the AWS Security Governance at Scale exam and earn AWS Security Governance at Scale certificate.