Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 7 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 7
Topic #: 1
[All AWS Certified Developer Associate Questions]

A developer is building an application that runs behind an Application Load Balancer (ALB). The ALB is configured as the origin for an Amazon CloudFront distribution. Users will log in to the application by using their social media accounts.
How can the developer authenticate users?

  • A. Validate the users by inspecting the tokens in an AWS Lambda authorizer on the ALB.
  • B. Configure the ALB to use Amazon Cognito as one of the authentication providers.
  • C. Configure CloudFront to use Amazon Cognito as one of the authentication providers.
  • D. Validate the users by calling the Amazon Cognito API in an AWS Lambda authorizer on the ALB.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by JAMG54 at Sept. 1, 2022, 3:57 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
JAMG54
Highly Voted 2 years, 2 months ago
B seems to be correct
upvoted 10 times
Merrick
2 years, 1 month ago
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html
upvoted 6 times
...
...
AsmaZoheb
Most Recent 9 months, 3 weeks ago
I think so B because origin is ALB and we need to provide authentication to origin ALB, Cognito is for authentication provider.
upvoted 1 times
...
rcaliandro
1 year, 4 months ago
Selected Answer: B
It is possible to integrate Amazon Cognito User Pools with a load balancer in order to provide an authentication system before the ALB is called. It is also possible to configure the auth page by adding a logo if you want or use a third-part system to autenticate like Google or Facebook. So, we need to: - Create an user pool - Create an user pool client - Create a pool domain name - Federate with social - Configure the DNS - Congigure a callback URL to point the ALB URL (in case of successful login) (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#cognito-requirements)
upvoted 3 times
...
LeoUrlian
1 year, 6 months ago
Selected Answer: B
i thing is B
upvoted 1 times
...
Krt5894
1 year, 8 months ago
Selected Answer: B
It should be B
upvoted 1 times
...
Dirisme
1 year, 10 months ago
Its B https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html
upvoted 2 times
...
SBoksh
1 year, 11 months ago
Selected Answer: B
https://aws.amazon.com/blogs/aws/built-in-authentication-in-alb/
upvoted 2 times
...
Elliana
1 year, 11 months ago
B is correct. You cannot directly integrate Cognito User Pools with CloudFront distribution as you have to create a separate Lambda@Edge function to accomplish the authentication via Cognito User Pools.
upvoted 4 times
...
dark_cherrymon
1 year, 11 months ago
Selected Answer: D
could be D https://aws.amazon.com/blogs/networking-and-content-delivery/authorizationedge-how-to-use-lambdaedge-and-json-web-tokens-to-enhance-web-application-security/ "In the Outputs section, look for LambdaAtEdgeFunction with the URL for editing the Lambda function, similar to the screenshot below."
upvoted 2 times
dark_cherrymon
1 year, 11 months ago
oh wait no it's C because lambda at edge is for cloud front but on the question it says lambda@edge is for ALB
upvoted 1 times
...
...
cloud_collector
1 year, 12 months ago
Selected Answer: B
ALB’s new authentication action provides authentication through social Identity Providers (IdP) like Google, Facebook, and Amazon through Amazon Cognito. It also natively integrates with any OpenID Connect protocol compliant IdP, providing secure authentication and a single sign-on experience across your applications. https://aws.amazon.com/blogs/aws/built-in-authentication-in-alb/
upvoted 1 times
...
kio222
2 years ago
I think the answer is D https://aws.amazon.com/ko/blogs/security/protect-public-clients-for-amazon-cognito-by-using-an-amazon-cloudfront-proxy/
upvoted 1 times
...
Tera_911
2 years, 1 month ago
Why it can't be C?
upvoted 1 times
adsdadasdad
2 years ago
Cloudfront is CDN, You configure the client application (mobile or web client) to use a CloudFront endpoint as a proxy to an Amazon Cognito Regional endpoint. You can configure an Application Load Balancer to securely authenticate users as they access your applications. This enables you to offload the work of authenticating users to your load balancer so that your applications can focus on their business logic.
upvoted 8 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel