A Security Engineer is working with a Product team building a web application on AWS. The application uses Amazon S3 to host the static content, Amazon API Gateway to provide RESTful services; and Amazon DynamoDB as the backend data store. The users already exist in a directory that is exposed through a SAML identity provider. Which combination of the following actions should the Engineer take to enable users to be authenticated into the web application and call APIs? (Choose three.) A. Create a custom authorization service using AWS Lambda. B. Configure a SAML identity provider in Amazon Cognito to map attributes to the Amazon Cognito user pool attributes. C. Configure the SAML identity provider to add the Amazon Cognito user pool as a relying party. D. Configure an Amazon Cognito identity pool to integrate with social login providers. E. Update DynamoDB to store the user email addresses and passwords. F. Update API Gateway to use a COGNITO_USER_POOLS authorizer. Suggested Answer: BCF Community Answer: BCF This question is in SCS-C01 AWS Certified Security – Specialty Exam For getting AWS Certified Security – Specialty Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer