ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer - Associate DVA-C02 All Questions

View all questions & answers for the AWS Certified Developer - Associate DVA-C02 exam
Go to Exam

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 30 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 30
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A company has an application that uses Amazon Cognito user pools as an identity provider. The company must secure access to user records. The company has set up multi-factor authentication (MFA). The company also wants to send a login activity notification by email every time a user logs in.
What is the MOST operationally efficient solution that meets this requirement?

  • A. Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon API Gateway API to invoke the function. Call the API from the client side when login confirmation is received.
  • B. Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon Cognito post authentication Lambda trigger for the function.
  • C. Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Create an Amazon CloudWatch Logs log subscription filter to invoke the function based on the login status.
  • D. Configure Amazon Cognito to stream all logs to Amazon Kinesis Data Firehose. Create an AWS Lambda function to process the streamed logs and to send the email notification based on the login status of each user.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by aragon_saa at March 17, 2023, 9:51 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Bibay
Highly Voted 1 year, 7 months ago
B. Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon Cognito post authentication Lambda trigger for the function. The most operationally efficient solution for sending login activity notifications by email for Amazon Cognito user pools is to use a Lambda trigger that is automatically invoked by Amazon Cognito every time a user logs in. This eliminates the need for client-side calls to an API or log subscription filter. A Lambda function can be used to send email notifications using Amazon SES. Option B satisfies these requirements and is the most operationally efficient solution.
upvoted 13 times
...
Untamables
Highly Voted 1 year, 9 months ago
Selected Answer: B
B https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html
upvoted 9 times
...
sumanshu
Most Recent 2 weeks ago
Selected Answer: B
A) Eliminated - the API Gateway needs to be explicitly invoked from the client. not operationally efficient B) Correct - Post-authentication triggers are built-in Cognito features that automatically execute a Lambda function after a user logs in. C) Eliminated - less efficient because it requires setting up CloudWatch Logs for Cognito, creating subscription filters, and maintaining log processing infrastructure D) Eliminated - highly complex and introduces multiple components (Kinesis, Firehose, Lambda),
upvoted 1 times
...
trieudo
3 weeks, 1 day ago
Selected Answer: B
==> Discard A: Requires client-side API calls, which are less secure and operationally inefficient (enhance security, validate in BE, ...) compared to server-side triggers. ==> Discard C: Relies on CloudWatch Logs and filters, which add unnecessary complexity and are not directly tied to Cognito's login events. ==> Discard D: Involves Kinesis Data Firehose for log streaming, which is over-engineered and introduces additional cost and latency for a simple notification task. B: Uses Cognito's native post-authentication trigger, which is the most secure, integrated, and operationally efficient method for sending email notifications after successful logins.
upvoted 1 times
...
serverlessme
2 months, 2 weeks ago
Option B is absolutely correct. The Lambda function is triggered by Coginito whenever a user log in. The Lambda function then sends email notification to the user using Amazon SES.
upvoted 1 times
...
65703c1
7 months, 2 weeks ago
Selected Answer: B
B is the correct answer.
upvoted 1 times
...
Melisa202401
9 months ago
Selected Answer: A
Amazon Cognito user pools integrate with API Gateway or ALB Process is: user athenticate with CUP, receive JWT (token), then pass to API Gateway API Gateway will evaluate JWT wwith CUP, if it is valid, allow access to Lambda (have a duty to send email)
upvoted 1 times
Melisa202401
9 months ago
sorry I change to B Because the question have the presence of MFA
upvoted 1 times
...
...
aragon_saa
1 year, 9 months ago
B https://www.examtopics.com/discussions/amazon/view/78944-exam-aws-certified-developer-associate-topic-1-question-9/
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago