Q93 — AWS DVA-C02 Ch.1

Question 93 of 100 | ← Chapter 1

A company has an application that uses Amazon Cognito user pools as its identity system. The company must protect access to user records. The company has enabled multi-factor authentication (MFA). The company also wants to send login activity notifications via email each time a user logs in. What is the most efficient solution to meet these requirements?

Correct Answer: B. Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send email notifications. Add an Amazon Cognito Post Authentication Lambda trigger to the function.

Explanation

In Amazon Cognito, Lambda triggers can be directly configured for specific events such as user login. This approach is the most direct and efficient because it automatically invokes the function upon user action without requiring additional API calls or log subscriptions. Option B precisely fulfills this need by invoking the Lambda function via a Cognito Post Authentication trigger to send email notifications upon login. This ensures real-time delivery and simplifies architecture, making it the most efficient solution to meet the stated requirements.