A company uses Amazon Cognito for external user authentication for a web application. External users report that they can no longer log in to the application.
What is the FIRST step that a security engineer should take to troubleshoot the problem?
A. Review AWS CloudTrail logs to identify authentication errors that relate to Cognito users.
B. Use AWS Identity and Access Management Access Analyzer to delete all unused IAM roles and users.
C. Review any recent changes in Cognito configuration, IAM policies, and role trust policies to identify issues.
D. Write a script that uses CLI commands to reset all user passwords in the Cognito user pool.
Usually it is best to check logs first to identify the issue. However, since the question indicates that users were earlier able to use and are now not able to access the application, it makes sense to check what changes were made recently. I will go with C on this one.
mnsait
1 month, 3 weeks ago