Which AWS service is specifically designed for managing user access permissions in a centralized way?

The service that is specifically designed for managing user access permissions in a centralized way is AWS IAM Identity Center. This service provides a simple and streamlined way to manage access to multiple AWS accounts and applications. It enables organizations to set up a centralized identity and access management solution, where users can access various accounts without needing separate credentials for each one.

AWS IAM Identity Center allows for fine-grained access control through roles and permission sets, making it easier for administrators to enforce a consistent security posture across an organization. Additionally, it integrates with existing identity providers, facilitating single sign-on (SSO) capabilities, which enhances user experience by allowing unified access to different resources with a single set of login credentials.

The other services listed have different primary functions. AWS IAM, for instance, manages user permissions but does not specifically focus on centralized management for multiple accounts in the same way that AWS IAM Identity Center does. AWS Organizations helps manage billing and governance for multiple AWS accounts but is not directly concerned with user access permissions. AWS Cognito is primarily focused on authenticating users for mobile and web applications, rather than managing access across accounts in a centralized manner.