AWS Certified Cloud Practitioner
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company is designing an identity access management solution for an application. The company wants users to be able to use their social media, email, or online shopping accounts to access the application.
Which AWS service provides this functionality?
Real Exam
Community
RRitesh
A
AWS IAM Identity Center
B
AWS Config
C
Amazon Cognito
D
AWS Identity and Access Management (IAM)
Explanation:
Explanation
Amazon Cognito is the correct AWS service for this functionality because:
-
Federated Identity: Amazon Cognito supports federated identity, allowing users to sign in using social identity providers (like Facebook, Google, Amazon), enterprise identity providers (via SAML), and OpenID Connect (OIDC) providers.
-
User Pools: It provides user pools that enable user registration, sign-in, and account recovery, with built-in support for social and enterprise identity federation.
-
Identity Pools: It also offers identity pools (federated identities) to grant temporary AWS credentials to users, enabling access to AWS services.
Why not the other options?
-
AWS IAM Identity Center: Primarily for workforce identity and single sign-on (SSO) to AWS accounts and business applications, not typically for customer-facing applications with social login.
-
AWS Config: A service for assessing, auditing, and evaluating AWS resource configurations, unrelated to identity management.
-
AWS Identity and Access Management (IAM): Used for managing access to AWS services and resources for AWS users, not for customer-facing application authentication with social providers.
Amazon Cognito is specifically designed for customer identity and access management (CIAM) scenarios where users need to sign in using external identity providers.
Comments
Loading comments...