Multiple Choice
A company developed a set of APIs that are being served through the Amazon API Gateway. The API calls need to be authenticated based on OpenID identity providers such as Amazon or Facebook. The APIs should allow access based on a custom authorization model. Which is the simplest and MOST secure design to use to build an authentication and authorization model for the APIs?
A) Use Amazon Cognito user pools and a custom authorizer to authenticate and authorize users based on JSON Web Tokens.
B) Build a OpenID token broker with Amazon and Facebook. Users will authenticate with these identify providers and pass the JSON Web Token to the API to authenticate each API call.
C) Store user credentials in Amazon DynamoDB and have the application retrieve temporary credentials from AWS STS. Make API calls by passing user credentials to the APIs for authentication and authorization.
D) Use Amazon RDS to store user credentials and pass them to the APIs for authentications and authorization.
Correct Answer:
Verified
Correct Answer:
Verified
Q145: Where should the appspec.yml file be placed
Q146: A developer is building an application integrating
Q147: A company's website runs on an Amazon
Q148: An application is expected to process many
Q149: A Developer wants to debug an application
Q151: A company needs to secure its existing
Q152: A company is building a stock trading
Q153: A Developer has an e-commerce API hosted
Q154: A Developer created a Lambda function for
Q155: A Developer has a stateful web server