An analytics company runs multi-tier services in an Amazon VPC and wants to expose RESTful APIs to millions of users. Users must be authenticated before accessing the APIs. Which solution provides the MOST operational efficiency?
Choose an answer
Tap an option to check your answer.
Correct answer: Configure an Amazon Cognito user pool for user authentication. Implement Amazon API Gateway REST APIs with a Cognito authorizer..
Why this is the answer
The correct solution leverages Amazon Cognito User Pools for robust user authentication and Amazon API Gateway REST APIs with a Cognito authorizer. This combination offers the most operational efficiency because Cognito User Pools are a fully managed service for user directories, sign-up, and sign-in, offloading authentication complexity. API Gateway's native integration with Cognito authorizers simplifies securing API endpoints without writing custom authentication logic. The incorrect options are less efficient: Using an Amazon Cognito identity pool for authentication is primarily for granting AWS credentials, not direct user authentication for APIs. HTTP APIs are generally simpler but REST APIs offer more features suitable for complex multi-tier services. An AWS Lambda function for authentication adds custom code and management overhead, reducing operational efficiency compared to a managed Cognito authorizer. An IAM user for authentication is not suitable for millions of external users; IAM is for AWS resource access management, not public user authentication.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed