ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer - Associate DVA-C02 All Questions

View all questions & answers for the AWS Certified Developer - Associate DVA-C02 exam
Go to Exam

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 375 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 375
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A company is developing an application that will be accessed through the Amazon API Gateway REST API. Registered users should be the only ones who can access certain resources of this API. The token being used should expire automatically and needs to be refreshed periodically.

How can a developer meet these requirements?

  • A. Create an Amazon Cognito identity pool, configure the Amazon Cognito Authorizer in API Gateway, and use the temporary credentials generated by the identity pool.
  • B. Create and maintain a database record for each user with a corresponding token and use an AWS Lambda authorizer in API Gateway.
  • C. Create an Amazon Cognito user pool, configure the Cognito Authorizer in API Gateway, and use the identity or access token.
  • D. Create an IAM user for each API user, attach an invoke permissions policy to the API, and use an IAM authorizer in API Gateway.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by rdiaz at July 12, 2024, 5:44 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rdiaz
Highly Voted 9 months, 2 weeks ago
Selected Answer: C
Option A (Amazon Cognito Identity Pool): An Amazon Cognito Identity Pool provides temporary AWS credentials for users but is typically used in conjunction with user pools for unauthenticated access and to interact with AWS services. It does not handle user authentication and token expiration directly as needed for API access.
upvoted 5 times
...
examuserss
Most Recent 3 months, 3 weeks ago
Selected Answer: C
The best solution is C. Create an Amazon Cognito user pool, configure the Cognito Authorizer in API Gateway, and use the identity or access token. Here's why: Cognito User Pools are designed for managing user identities and authentication. They handle user registration, login, and token generation securely. The tokens (ID and access tokens) generated by Cognito have built-in expiration mechanisms, automatically handling the refresh requirement. Cognito Authorizer in API Gateway seamlessly integrates with Cognito User Pools. It verifies the tokens presented by the client, ensuring only authorized users can access protected resources.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago