ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 200 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 200
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company hosts its application on AWS. The company uses Amazon Cognito to manage users. When users log in to the application, the application fetches required data from Amazon DynamoDB by using a REST API that is hosted in Amazon API Gateway. The company wants an AWS managed solution that will control access to the REST API to reduce development efforts.

Which solution will meet these requirements with the LEAST operational overhead?

  • A. Configure an AWS Lambda function to be an authorizer in API Gateway to validate which user made the request.
  • B. For each user, create and assign an API key that must be sent with each request. Validate the key by using an AWS Lambda function.
  • C. Send the user’s email address in the header with every request. Invoke an AWS Lambda function to validate that the user with that email address has proper access.
  • D. Configure an Amazon Cognito user pool authorizer in API Gateway to allow Amazon Cognito to validate each request.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by leonnnn at Nov. 28, 2022, 5:05 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Buruguduystunstugudunstuy
Highly Voted 2 years ago
Selected Answer: D
KEYWORD: LEAST operational overhead To control access to the REST API and reduce development efforts, the company can use an Amazon Cognito user pool authorizer in API Gateway. This will allow Amazon Cognito to validate each request and ensure that only authenticated users can access the API. This solution has the LEAST operational overhead, as it does not require the company to develop and maintain any additional infrastructure or code. Therefore, Option D is the correct answer. Option D. Configure an Amazon Cognito user pool authorizer in API Gateway to allow Amazon Cognito to validate each request.
upvoted 15 times
...
awsgeek75
Highly Voted 1 year ago
Selected Answer: D
A is possible if the authorisation logic makes sense and does not require operational overhead. B is too much overhead for each new user. C is lol D Company already has Cognito for it's users so just integrate it with the API gateway This question and options are poorly worded an A could be a reasonable choice if more information is provided. Just keep that in mind for the exam!
upvoted 5 times
...
kaleido
Most Recent 2 weeks, 6 days ago
Selected Answer: D
The answer is D. There are 2 ways to control user access to the API gateway REST API. That is through Lambda authorizers and Cognito user pools. Use Lambda authorizers if you want complete control over the authorization process. This allows you to customize what IAM policies a user is assigned. Use Cognito if your authorization needs are basic.
upvoted 1 times
...
ad2dj28
4 months, 3 weeks ago
Selected Answer: D
you can use an Amazon Cognito user pool to control who can access your API in Amazon API Gateway
upvoted 1 times
...
drich22
7 months, 2 weeks ago
Control access to a REST API using Amazon Cognito user pools as authorizer https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
upvoted 3 times
...
MehulKapadia
8 months, 3 weeks ago
Selected Answer: D
Answer D By integrating Amazon Cognito User Pools with API Gateway, you can secure your APIs and control access based on user authentication and authorization, allowing you to build secure and scalable web and mobile applications.
upvoted 2 times
...
Adi312100
9 months, 1 week ago
Selected Answer: D
Option D. Configure an Amazon Cognito user pool authorizer in API Gateway to allow Amazon Cognito to validate each request.
upvoted 2 times
...
osmk
1 year ago
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
upvoted 3 times
...
Tom123456ac
1 year, 3 months ago
The description of this question is really bad. Company is using Cognito to manage users already, but still verifying user info from dynamodb, very wired situation. But just select Cognito when you see Api gateway + cognito + authentication + least efforts
upvoted 4 times
...
TariqKipkemei
1 year, 3 months ago
Selected Answer: D
use Amazon Cognito to authorize user requests.
upvoted 2 times
...
Guru4Cloud
1 year, 3 months ago
Selected Answer: D
D. Configure an Amazon Cognito user pool authorizer in API Gateway to allow Amazon Cognito to validate each request
upvoted 3 times
...
Guru4Cloud
1 year, 4 months ago
Selected Answer: D
Option D is the best solution with the least operational overhead: Configure an Amazon Cognito user pool authorizer in API Gateway to allow Amazon Cognito to validate each request. The key reasons are: º Cognito user pool authorizers allow seamless integration between Cognito and API Gateway for access control. º API Gateway handles validating the access tokens from Cognito automatically without any custom code. º This is a fully managed solution with minimal ops overhead.
upvoted 3 times
...
cookieMr
1 year, 6 months ago
By configuring an Amazon Cognito user pool authorizer in API Gateway, you can leverage the built-in functionality of Amazon Cognito to authenticate and authorize users. This eliminates the need for custom development or managing access keys. Amazon Cognito handles user authentication, securely manages user identities, and provides seamless integration with API Gateway for controlling access to the REST API. A. Configuring an AWS Lambda function as an authorizer in API Gateway would require custom implementation and management of the authorization logic. B. Creating and assigning an API key for each user would require additional management and validation logic in an AWS Lambda function. C. Sending the user's email address in the header and validating it with an AWS Lambda function would also require custom implementation and management of the authorization logic. Option D, using an Amazon Cognito user pool authorizer, provides a streamlined and managed solution for controlling access to the REST API with minimal operational overhead.
upvoted 3 times
...
Bmarodi
1 year, 7 months ago
Selected Answer: D
solution will meet these requirements with the LEAST operational overhead is option D.
upvoted 2 times
...
studynoplay
1 year, 7 months ago
Selected Answer: D
LEAST operational overhead = Serverless = Cognito user pool
upvoted 2 times
...
cheese929
1 year, 8 months ago
Selected Answer: D
D is correct.
upvoted 2 times
...
k33
1 year, 9 months ago
Selected Answer: D
Answer : D
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel