ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 191 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 191
Topic #: 1
[All AWS Certified Developer Associate Questions]

A company is developing an application that will be accessed through the Amazon API Gateway REST API. Registered users should be the only ones who can access certain resources of this API. The token being used should expire automatically and needs to be refreshed periodically.

How can a developer meet these requirements?

  • A. Create an Amazon Cognito identity pool, configure the Amazon Cognito Authorizer in API Gateway, and use the temporary credentials generated by the identity pool.
  • B. Create and maintain a database record for each user with a corresponding token and use an AWS Lambda authorizer in API Gateway.
  • C. Create an Amazon Cognito user pool, configure the Cognito Authorizer in API Gateway, and use the identity or access token.
  • D. Create an IAM user for each API user, attach an invoke permissions policy to the API, and use an IAM authorizer in API Gateway.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by kapil206001 at Nov. 24, 2022, 3:18 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BrainFried
10 months, 3 weeks ago
Selected Answer: C
You can still support expiring of tokens. "When you create an application for your user pool, you can set the application's refresh token expiration to any value between 60 minutes and 10 years." See: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-the-refresh-token.html
upvoted 1 times
...
rcaliandro
1 year, 11 months ago
Selected Answer: C
That's true Identity pool canis designed for accessing services. But, we can use cognito user pools for authentication and integrate it with API Gateway. To do it, we need to create a cognito authorizer in API Gateway and redeploy the APIs that we want protect by referring the authorizer. I will go for C
upvoted 2 times
...
MMaquis
2 years, 3 months ago
Selected Answer: C
C. Create an Amazon Cognito user pool, configure the Cognito Authorizer in API Gateway, and use the identity or access token. This option meets all the requirements of the question. By creating an Amazon Cognito User Pool, the developer can manage user authentication and authorization in a scalable and secure way. The Cognito Authorizer in API Gateway allows you to control access to your REST API endpoints based on user authentication, and the access or identity token can be used to authenticate and authorize users. Furthermore, Cognito User Pools support token expiration and refresh, so you can configure token lifetimes and refresh tokens periodically to ensure that access to the API is secure and users are authenticated. So, Option C is the most appropriate choice for this scenario.
upvoted 3 times
...
ezeik
2 years, 3 months ago
Selected Answer: C
It is C, https://aws.amazon.com/about-aws/whats-new/2020/08/amazon-cognito-user-pools-supports-customization-of-token-expiration/
upvoted 2 times
...
pancman
2 years, 3 months ago
Selected Answer: A
The answer is A as you need an identity pool in this case, not a user pool. Refer to this page: https://aws.amazon.com/premiumsupport/knowledge-center/cognito-user-pools-identity-pools/
upvoted 1 times
...
ShriniW
2 years, 3 months ago
Selected Answer: A
It is .... the credentials need to be temporary and identity pools serve this purpose
upvoted 1 times
...
Krt5894
2 years, 4 months ago
Selected Answer: C
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
upvoted 1 times
...
unbornfroyo
2 years, 4 months ago
Selected Answer: A
C. Create an Amazon Cognito user pool, configure the Cognito Authorizer in API Gateway, and use the identity or access token is incorrect because the authorizer for API Gateway should be a Cognito identity pool, not a user pool. User pools are designed for user sign-up and sign-in, while identity pools provide temporary AWS credentials for users to access other AWS services.
upvoted 3 times
...
sichilam
2 years, 4 months ago
If it is C, how about temporary token?
upvoted 2 times
MMaquis
2 years, 3 months ago
Cognito User Pools support token expiration and refresh
upvoted 1 times
MMaquis
2 years, 3 months ago
https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-id-and-access-tokens-token-expiration
upvoted 1 times
...
...
vichy
2 years, 4 months ago
agree, should be A
upvoted 1 times
...
...
michaldavid
2 years, 6 months ago
Selected Answer: C
ccccccc
upvoted 2 times
...
k1kavi1
2 years, 6 months ago
Selected Answer: C
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
upvoted 3 times
k1kavi1
2 years, 6 months ago
https://www.examtopics.com/discussions/amazon/view/28050-exam-aws-certified-developer-associate-topic-1-question-223/
upvoted 1 times
...
...
CloudHandsOn
2 years, 6 months ago
The answer is C.
upvoted 1 times
...
kapil206001
2 years, 6 months ago
C use cognito user pool authorizer with token validation .
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel