ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 411 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 411
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company is deploying a third-party web application on AWS. The application is packaged as a Docker image. The company has deployed the Docker image as an AWS Fargate service in Amazon Elastic Container Service (Amazon ECS). An Application Load Balancer (ALB) directs traffic to the application.

The company needs to give only a specific list of users the ability to access the application from the internet. The company cannot change the application and cannot integrate the application with an identity provider. All users must be authenticated through multi-factor authentication (MFA).

Which solution will meet these requirements?

  • A. Create a user pool in Amazon Cognito. Configure the pool for the application. Populate the pool with the required users. Configure the pool to require MFConfigure a listener rule on the ALB to require authentication through the Amazon Cognito hosted UI.
  • B. Configure the users in AWS Identity and Access Management (IAM). Attach a resource policy to the Fargate service to require users to use MFA. Configure a listener rule on the ALB to require authentication through IAM.
  • C. Configure the users in AWS Identity and Access Management (IAM). Enable AWS IAM Identity Center (AWS Single Sign-On). Configure resource protection for the ALB. Create a resource protection rule to require users to use MFA.
  • D. Create a user pool in AWS Amplify. Configure the pool for the application. Populate the pool with the required users. Configure the pool to require MFA. Configure a listener rule on the ALB to require authentication through the Amplify hosted UI.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by clevvve at Jan. 1, 2024, 3:24 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JMAN1
Highly Voted 10 months, 1 week ago
Selected Answer: A
A? As GPT says, In this scenario, setting up a user pool in Amazon Cognito allows you to define the specific list of users who can access the application. You can configure the user pool to require multi-factor authentication (MFA), ensuring an additional layer of security for user authentication. Configuring the ALB listener rule to require authentication through the Amazon Cognito hosted UI means that users attempting to access the application through the ALB will be redirected to the Cognito hosted UI for authentication, where they'll need to provide their credentials and MFA code. This setup ensures that only authenticated users from the specific user pool with MFA will have access to the application, meeting the requirements without modifying the application itself.
upvoted 9 times
...
thotwielder
Highly Voted 10 months ago
web application = Cognito
upvoted 6 times
...
career360guru
Most Recent 8 months, 1 week ago
Selected Answer: A
As application can not be changed to integrate with Identity provider and users needs to be authenticated from internet using Cognito is the only possible solution among the options.
upvoted 4 times
...
duriselvan
9 months ago
A ans https://repost.aws/knowledge-center/cognito-user-pool-alb-authentication
upvoted 3 times
...
igor12ghsj577
9 months, 3 weeks ago
A sounds OK
upvoted 1 times
...
tmlong18
10 months ago
Selected Answer: A
Answer is A ALB authentication only integration with: Cognito AWS_IAM Lambda authorizer
upvoted 1 times
tmlong18
10 months ago
No, I am wrong. But answer is still A. API GW authentication only integration with: Cognito AWS_IAM Lambda authorizer ALB authentication only integration with: Cognito OIDC
upvoted 4 times
...
...
career360guru
10 months ago
Selected Answer: A
Answer is A
upvoted 1 times
...
Laercio96
10 months, 1 week ago
Answer is A
upvoted 1 times
...
clevvve
10 months, 2 weeks ago
B&C is for accessing aws resources
upvoted 1 times
...
clevvve
10 months, 2 weeks ago
Selected Answer: A
Answer is A
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago