AWS Certified Cloud Practitioner - Enabling Authentication for Amazon S3 Bucket Access

Enable Authentication for a Large Number of Users Accessing an Amazon S3 Bucket Using a Mobile App

Question

Which of the following tools can be used to enable authentication for a large number of users accessing an Amazon S3 bucket using a mobile app?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: B.

Using Amazon Cognito user pool & identity pool, mobile app users can be authenticated to use AWS services like Amazon S3 bucket.

Options A & C are incorrect as IAM users & IAM group can create authentication & manage access for users accessing AWS services.

These services are not suitable to provide authentication to millions of users accessing AWS services via mobile app.

Option D is incorrect as AWS STS is a service that grants temporary access privilege for AWS IAM users or federated users.

For more information on Amazon Cognito, refer to the following URL:

https://aws.amazon.com/cognito/faqs/

The recommended tool for enabling authentication for a large number of users accessing an Amazon S3 bucket using a mobile app is Amazon Cognito. Therefore, the correct answer is B.

Amazon Cognito is a user authentication and management service that makes it easy to add sign-up, sign-in, and access control to mobile and web apps. With Amazon Cognito, you can easily create and manage user pools that scale to hundreds of millions of users, and provide secure access to AWS resources and other services.

When using Amazon Cognito with Amazon S3, users can authenticate with the user pools provided by Amazon Cognito and be granted temporary AWS credentials that enable them to access the S3 bucket. This allows you to manage user access to your S3 bucket, and also provides a simple and secure way to authenticate your mobile app users.

AWS IAM users and groups are primarily used for managing access to AWS services, and while it is possible to use them to grant access to an S3 bucket, this is not recommended for large numbers of users or mobile app users.

AWS STS (Security Token Service) provides temporary security credentials that can be used to access AWS services. While it can be used to enable authentication for a large number of users accessing an S3 bucket, it is not as user-friendly or scalable as Amazon Cognito.

In summary, Amazon Cognito is the recommended tool for enabling authentication for a large number of users accessing an Amazon S3 bucket using a mobile app, as it provides a scalable, user-friendly solution for managing user access to your S3 bucket.