AWS Certified Developer – Associate (DVA-C02) — Question 189

A developer is creating a mobile application that will not require users to log in.

What is the MOST efficient method to grant users access to AWS resources?

Answer options

• A. Use an identity provider to securely authenticate with the application.
• B. Create an AWS Lambda function to create an IAM user when a user accesses the application.
• C. Create credentials using AWS KMS and apply these credentials to users when using the application.
• D. Use Amazon Cognito to associate unauthenticated users with an IAM role that has limited access to resources.

Correct answer: D

Explanation

The correct answer is D because Amazon Cognito allows you to manage user access easily by associating unauthenticated users with a specific IAM role, providing limited access to resources without requiring login. Option A is not efficient for unauthenticated users, while B and C involve unnecessary complexity and management of IAM users and credentials.