Domain 1.1: Secure Access — AWS SAA-C03 Practice Question 04

How to approach this question

Differentiate between Cognito User Pools (authentication/directory) and Identity Pools (authorization/AWS credentials).

Full Answer

A.Amazon Cognito User Pools for authentication and Amazon Cognito Identity Pools for authorization to access S3.✓ Correct

Amazon Cognito User Pools for authentication and Amazon Cognito Identity Pools for authorization to access S3.

Amazon Cognito User Pools provide a user directory and handle authentication (including social federation). Cognito Identity Pools (Federated Identities) take the authentication tokens and exchange them for temporary, limited-privilege AWS IAM credentials to access AWS resources like S3.

Common mistakes

Confusing the roles of User Pools and Identity Pools.

How to approach this question

Full Answer

Common mistakes

Practice the full AWS SAA-C03 Practice Exam 4

More questions from this exam