Stay up to date with the latest from the Knowledge Center. See all new Knowledge Center articles published in the last month, and re:Post’s top contributors.
SAA-C03 question
Hi AWS,
A company hosts its application on AWS. The company uses Amazon Cognito to manage users. When users log in to the application, the application fetches required data from Amazon DynamoDB by using a REST API that is hosted in Amazon API Gateway. The company wants an AWS managed solution that will control access to the REST API to reduce development efforts.
Which solution will meet these requirements with the LEAST operational overhead?
A. Configure an AWS Lambda function to be an authorizer in API Gateway to validate which user made the request. B. For each user, create and assign an API key that must be sent with each request. Validate the key by using an AWS Lambda function. C. Send the user’s email address in the header with every request. Invoke an AWS Lambda function to validate that the user with that email address has proper access. D. Configure an Amazon Cognito user pool authorizer in API Gateway to allow Amazon Cognito to validate each request.
- Language
- English
- Newest
- Most votes
- Most comments
Hi Arjun,
As the organization already using Amazon Cognito to manage users, it can leverage Amazon Cognito user pools as authorizer to control access to a REST API. This is least operational overhead among others. Refer this documentation for more details on this.
May I request you please to do your search and post your findings with the queries you have rather than expecting the community to help you with the correct answer for the exam queries.
Hi Arjun, to add onto the previous answer, the identity pools allow for authentication of users which when paired with IAM allows for even more versatile use of the identity because cognito can be used to authorize and validate users but it can also put different users in different pipelines of permissions.
According to my opinion THIS is the best to take practice test questions for exam preparation. similar to real Exam Question thanks https://shorturl.at/Kh1qA
The best solution to meet the requirements with the least operational overhead is Option D: Configure an Amazon Cognito user pool authorizer in API Gateway to allow Amazon Cognito to validate each request.
Explanation:
- Amazon Cognito user pool authorizer: This AWS-managed solution integrates with API Gateway, allowing Cognito to manage authentication and authorization with minimal development effort.
- This option minimizes operational overhead compared to implementing custom logic or validation with Lambda, as required in options A, B, and C.
For more details on preparing for your AWS exam, check this link: https://bit.ly/AWS-Solution-Architect-Exam-Questions.
Relevant content
- asked a year ago
I did the research and referred to the same link you mentioned in the post. It's just that I want to avoid my confusion for such questions where there is very much similarity when it comes to eliminating the option from the list.
sure, no worries! Also if the answers are helpful, please accept the answers so the community benefits