Answer: A.
Option A is correct.
AWS Single Sign-On (SSO) simplifies access management and manages access to multiple AWS accounts and business applications centrally.
Option B is incorrect.
AWS Identity and Access Management (IAM) deals with access management, providing the ability to manage access to AWS services and resources securely.
Using IAM, AWS users and groups could be created and managed.
You can also add permissions to allow or deny access to AWS resources.
Option C is incorrect.
AWS Account Manager is not a valid offering from AWS.
Option D is incorrect.
AWS Resource Access Manager (RAM) is a service that enables users to share AWS resources easily and securely.
The resources could be shared with any AWS account or within your AWS Organization.
References:
https://aws.amazon.com/single-sign-on/ https://aws.amazon.com/iam/ https://aws.amazon.com/ram/
Based on the information provided, the best option for the organization to manage access permissions centrally for AWS accounts and applications would be AWS Single Sign-On (SSO).
AWS SSO is a service that simplifies the management of access to AWS resources and business applications by enabling the organization to centrally manage access to multiple AWS accounts and applications using Single Sign-On. This means that users can sign in to all their assigned accounts and applications using a single set of credentials.
AWS SSO provides the following benefits:
Centralized management of access: AWS SSO provides a centralized location to manage access permissions to AWS accounts and applications. This reduces the administrative effort required to manage access and provides greater visibility and control over access permissions.
Easy user onboarding: AWS SSO provides a simple process for adding new users and groups, which makes it easy to onboard new employees and contractors.
Enhanced security: AWS SSO provides integration with AWS Multi-Factor Authentication (MFA) to add an extra layer of security for user sign-in.
Easy integration with third-party applications: AWS SSO provides built-in integration with many popular business applications, such as Salesforce, Box, and Office 365.
AWS Identity and Access Management (IAM) is another service that allows organizations to manage access to AWS resources, but it is more focused on managing access to specific AWS resources within a single AWS account. IAM is not designed to manage access across multiple AWS accounts or applications.
AWS Account Manager is not a service provided by AWS.
AWS Resource Access Manager (RAM) allows organizations to share resources across multiple AWS accounts. However, it is not designed to manage access permissions for AWS accounts and applications centrally.
In conclusion, based on the information provided, AWS SSO is the best option for the organization to manage access permissions centrally for AWS accounts and applications.
