ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 271 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 271
Topic #: 1
[All AWS Certified Developer Associate Questions]

A company is building a serverless microservice for an existing application that uses AWS Lambda functions and Amazon API Gateway. The microservice needs to automate an on-premises identity provider (IdP) that supports the OpenID Connect (OIDC) standard.

What should the company do to implement the API authorization mechanism with the LEAST operational overhead?

  • A. Use an API Gateway HTTP API to invoke the Lambda functions. Set the JSON Web Token (JWT) issuer as the public OIDC endpoint of the on-premises IdP.
  • B. Use an API Gateway HTTP API to invoke the Lambda functions. Create an Amazon Cognito identity pool. Create a federation between the identity pool and the on-premises IdP. Set the identity pool as the JSON Web Token (JWT) issuer.
  • C. Use an API Gateway REST API to invoke the Lambda functions. Configure the JSON Web Token (JWT) issuer to link to the on-premises IdP over the public internet.
  • D. Use an API Gateway REST API to invoke the Lambda functions. Create an Amazon Cognito identity pool. Create a federation between the identity pool and the on-premises IdP. Set Amazon Cognito as the authorizer.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by k1kavi1 at Nov. 26, 2022, 6:25 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
9cb0c69
11 months, 3 weeks ago
Selected Answer: B
B, This approach minimizes operational overhead compered to D
upvoted 1 times
...
kyoharo
1 year, 7 months ago
Selected Answer: B
I'll go with B
upvoted 1 times
...
rcaliandro
2 years ago
Selected Answer: B
I will go with B. Why not HTTP API?
upvoted 2 times
...
ezeik
2 years, 4 months ago
Selected Answer: B
The answer is B, HTTP API is supported, not REST https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html
upvoted 4 times
...
ccna_imperathor
2 years, 5 months ago
Selected Answer: D
D: https://docs.aws.amazon.com/cognito/latest/developerguide/open-id.html
upvoted 4 times
...
KT_Yu
2 years, 5 months ago
The answer should be A. Only HTTP api support OpenID Connect. Also, API gateway does not integrated with Cognito Identity pool (in fact it is user pool)
upvoted 4 times
...
michaldavid
2 years, 7 months ago
Selected Answer: D
Agreed
upvoted 3 times
...
k1kavi1
2 years, 7 months ago
Selected Answer: D
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel