Q60 — AWS DVA-C02 Ch.1

Question 60 of 100 | ← Chapter 1

A developer is building web and mobile applications for two types of users: regular users and guest users. Regular users must log in, but guest users do not. Users should only see their own data regardless of authentication status. Users require AWS credentials to access AWS resources. What is the most secure solution the developer can implement to allow guest users access?

Correct Answer: A. Use the Amazon Cognito Credentials Provider to issue temporary credentials linked to an unauthenticated role authorized to access required resources.

Explanation

Amazon Cognito identity pools provide temporary AWS credentials for both authenticated users (who receive tokens) and unauthenticated (guest) users. An identity pool serves as a repository for user identity data specific to your account.