Answer-first summary for fast verification
Answer: Modify the Cognito identity pool to assume an IAM role granting access to the protected content.
The correct answer is A: Modify the Cognito identity pool to assume an IAM role granting access to the protected content. This is because Amazon Cognito can be configured to assume IAM roles that have the necessary permissions to access specific resources. By updating the identity pool to assume a role that has permissions to access the protected content in the second S3 bucket, users authenticated through Cognito will be granted the appropriate access, resolving the reported issues. Options B and C are not addressing the primary cause related to permission handling via Cognito, and D is more about mapping user attributes rather than permissions management via roles.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A web application hosted on Amazon S3 uses Amazon Cognito for user authentication, issuing JWTs for access to protected S3 resources. Users face access issues post-deployment. How should a solutions architect ensure proper access permissions?
A
Modify the Cognito identity pool to assume an IAM role granting access to the protected content.
B
Change the S3 ACL to permit the application access to the protected content.
C
Redistribute the application on S3 to resolve issues with eventual consistency affecting user access.
D
Adjust Cognito pool settings for custom attribute mappings to provide necessary access permissions to users.
No comments yet.