A Security Engineer is working with a Product team building a web application on AWS. The application uses Amazon S3 to host the static content, Amazon API Gateway to provide RESTful services; and Amazon DynamoDB as the backend data store. The users already exist in a directory that is exposed through a SAML identity provider. Which combination of the following actions should the Engineer take to enable users to be authenticated into the web application and call APIs? (Choose three.)
A) Create a custom authorization service using AWS Lambda.
B) Configure a SAML identity provider in Amazon Cognito to map attributes to the Amazon Cognito user pool attributes.
C) Configure the SAML identity provider to add the Amazon Cognito user pool as a relying party.
D) Configure an Amazon Cognito identity pool to integrate with social login providers.
E) Update DynamoDB to store the user email addresses and passwords.
F) Update API Gateway to use a COGNITO_USER_POOLS authorizer. Update API Gateway to use a COGNITO_USER_POOLS authorizer.
Correct Answer:
Verified
Q69: A company uses user data scripts that
Q70: A Security Engineer is building a Java
Q71: A Security Engineer is defining the logging
Q72: An application uses Amazon Cognito to manage
Q73: An Amazon S3 bucket is encrypted using
Q75: The Accounting department at Example Corp. has
Q76: A company uses identity federation to authenticate
Q77: A Security Engineer is implementing a solution
Q78: To meet regulatory requirements, a Security Engineer
Q79: A company's security policy requires that VPC
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents