ExpertAWS SAA-C03 · Question 04 · Domain 1.1: Secure Access
A mobile application needs to access Amazon DynamoDB directly to read user-specific data. The application uses a third-party identity provider (IdP) like Google or Facebook for user authentication. What is the MOST secure way to grant the mobile app access to DynamoDB?
A mobile application needs to access Amazon DynamoDB directly to read user-specific data. The application uses a third-party identity provider (IdP) like Google or Facebook for user authentication. What is the MOST secure way to grant the mobile app access to DynamoDB?
Answer options:
Use Amazon Cognito User Pools to authenticate users and attach an IAM policy directly to the User Pool.
Use Amazon Cognito Identity Pools to exchange the third-party token for temporary AWS credentials mapped to an IAM role.
Embed an IAM user's access keys in the mobile application code.
Configure DynamoDB to allow public read access and filter results within the mobile application.
How to approach this question
Full Answer
Common mistakes
Practice the full AWS SAA-C03 Practice Exam 1
65 questions · hints · full answers · grading