ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 1011 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 1011
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company hosts an application in a private subnet. The company has already integrated the application with Amazon Cognito. The company uses an Amazon Cognito user pool to authenticate users.

The company needs to modify the application so the application can securely store user documents in an Amazon S3 bucket.

Which combination of steps will securely integrate Amazon S3 with the application? (Choose two.)

  • A. Create an Amazon Cognito identity pool to generate secure Amazon S3 access tokens for users when they successfully log in.
  • B. Use the existing Amazon Cognito user pool to generate Amazon S3 access tokens for users when they successfully log in.
  • C. Create an Amazon S3 VPC endpoint in the same VPC where the company hosts the application.
  • D. Create a NAT gateway in the VPC where the company hosts the application. Assign a policy to the S3 bucket to deny any request that is not initiated from Amazon Cognito.
  • E. Attach a policy to the S3 bucket that allows access only from the users' IP addresses.
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️
by viejito at Oct. 7, 2024, 2:29 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
bujuman
Highly Voted 5 months, 1 week ago
Selected Answer: AC
securely integrate Amazon S3 with the application: https://docs.aws.amazon.com/cognito/latest/developerguide/identity-pools.html https://docs.aws.amazon.com/AmazonS3/latest/userguide/privatelink-interface-endpoints.html#types-of-vpc-endpoints-for-s3
upvoted 7 times
...
FlyingHawk
Most Recent 3 months, 1 week ago
Selected Answer: AC
An Amazon Cognito identity pool allows you to generate temporary AWS credentials (e.g., access tokens) for authenticated users. These credentials can be used to securely access AWS services like Amazon S3. By creating an identity pool, the application can generate secure Amazon S3 access tokens for users after they successfully log in, ensuring that only authenticated users can upload or access documents in the S3 bucket.
upvoted 1 times
FlyingHawk
3 months, 1 week ago
C_ A VPC endpoint for Amazon S3 allows private connectivity between the application (hosted in a private subnet) and the S3 bucket. This ensures that data transfer between the application and S3 stays within the AWS network, improving security and performance.
upvoted 1 times
...
...
LeonSauveterre
3 months, 2 weeks ago
Selected Answer: AC
A - Amazon Cognito identity pools provide temporary AWS credentials for authenticated users. B - User pools are for authentication (who the user is). Identity pools are for authorization (what the user can do). C - Traffic between your VPC and S3 stays within the AWS network, good. This also removes the need for a NAT Gateway for S3 access. D - Unnecessary and not secure. E - Users' IP addresses can change frequently (especially mobile users).
upvoted 2 times
...
viejito
5 months, 3 weeks ago
respuesta correcta : A - B
upvoted 2 times
dragossky
4 months, 1 week ago
identity pool - authorization user pool - authentication, in this case something needs to modify docs, so authorization
upvoted 1 times
...
luther77
5 months, 1 week ago
B doesnt make sense here. because user pools are used for authentication, not authorization
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago