A developer created a web API that receives requests by using an internet-facing Application Load Balancer (ALB) with an HTTPS listener. The developer configures an Amazon Cognito user pool and wants to ensure that every request to the API is authenticated through Amazon Cognito.
What should the developer do to meet this requirement?
To ensure that every request to the API is authenticated through Amazon Cognito, the developer should create an authentication action for the listener rules of the Application Load Balancer (ALB). By setting the rule action type to authenticate-cognito and configuring the OnUnauthenticatedRequest field to 'deny', this ensures that only authenticated requests are processed and forwarded to the target group. This configuration leverages the built-in authentication capabilities of the ALB with Amazon Cognito, making it the most suitable choice.
This approach uses the built-in capabilities of the ALB to authenticate requests with Amazon Cognito. By configuring a rule action to authenticate with a Cognito user pool, the ALB can handle authentication before the request is forwarded to the target group. The OnUnauthenticatedRequest setting of "deny" ensures that unauthenticated requests are not allowed access, which aligns with the requirement to authenticate every request.
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#configure-user-authentication
https://www.examtopics.com/discussions/amazon/view/88889-exam-aws-certified-developer-associate-topic-1-question-332/
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#configure-user-authentication
B. Create an authentication action for the listener rules of the ALSet the rule action type to authenticate-cognito. Set the OnUnauthenticatedRequest field to “deny.”
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
I think its C - API G would work better ?
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-enable-cognito-user-pool.html
B is the correct answer.
This appear at 17 Jun exam
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_AuthenticateCognitoActionConfig.html