Practice Test 1 | AWS Certified Cloud Practitioner | CLF-C01 | Dumps | Mock Test
A startup company that works on social media app development would like to grant freelance developers temporary access to its Lambda functions setup on AWS. These developers would be signing-in via Facebook authentication. Which service is the most appropriate to grant secure access?
A. Create user credentials using Identity Access Management (IAM).
B. Use Amazon Cognito for web-identity federation.
C. Use Access keys to provide temporary access.
D. Use a third-party Web ID, federated access provider.
Correct Answer – B
Amazon Cognito web identity federation service acts as a broker that allows authenticated users to access AWS resources. After successful authentication on platforms such as Facebook, LinkedIn, or Google Mail, users receive a temporary authentication code from Amazon Cognito, thereby gaining temporary access.
https://aws.amazon.com/cognito/
- Option A is INCORRECT. The access required is temporary and not directly onto the AWS environment. Identity Access Management (IAM) users will be granted access directly using AWS-specified credentials.
- Option C is INCORRECT. Access keys are long-term credentials for an IAM user or the AWS account root user. These keys are not suitable for temporary access.
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
- Option D is INCORRECT. There is no need to take a third-party Web ID from federated access providers since Amazon has the Cognito service to perform that function.
Comments are closed, but trackbacks and pingbacks are open.