A photo-sharing service stores pictures in Amazon Simple Storage Service (S3) and allows application sign-in
using an OpenID Connect-compatible identity provider. Which AWS Security Token Service approach to
temporary access should you use for the Amazon S3 operations?
SAML-based Identity Federation
AWS Identity and Access Management roles
Web Identity Federation