A SysOps Administrator is configuring AWS SSO for the first time. The Administrator has already created a directory in the master account using AWS Directory Service and enabled full access in AWS Organizations.
What should the Administrator do next to configure the service?
A. Create IAM roles in each account to be used by AWS SSO, and associate users with these roles using AWS SSO.
B. Create IAM users in the master account, and use AWS SSO to associate the users with the accounts they will access.
C. Create permission sets in AWS SSO, and associate the permission sets with Directory Service users or groups.
D. Create service control policies (SCPs) in Organizations, and associate the SCPs with Directory Service users or groups.
What should the Administrator do next to configure the service?
A. Create IAM roles in each account to be used by AWS SSO, and associate users with these roles using AWS SSO.
B. Create IAM users in the master account, and use AWS SSO to associate the users with the accounts they will access.
C. Create permission sets in AWS SSO, and associate the permission sets with Directory Service users or groups.
D. Create service control policies (SCPs) in Organizations, and associate the SCPs with Directory Service users or groups.