How can a developer ensure that all requests to a web API, served by an internet-facing Application Load Balancer (ALB) with an HTTPS listener and secured by an Amazon Cognito user pool, are authenticated?

Exam-Like

Implement a listener rule to return a 401 Unauthorized response if the Authorization header is absent.

14.3%

Configure the ALB's listener rules to authenticate requests using Cognito, denying access for unauthenticated requests.

57.1%

Utilize Amazon API Gateway with an authorizer set to the Cognito user pool for all API methods, forwarding them to the ALB endpoint.

28.6%

Integrate a Lambda function within a new target group to validate the Authorization header against Amazon Cognito, linking this group to the listener.

0.0%

AWS Certified Developer - Associate

Get started today

Comments

How can a developer ensure that all requests to a web API, served by an internet-facing Application Load Balancer (ALB) with an HTTPS listener and secured by an Amazon Cognito user pool, are authenticated?