AWS Certified Developer – Associate — Question 226

A company deploys a local news website on a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB). The company wants to implement authentication for viewers through well-known social identity providers (IdPs). The company’s development team must use AWS native services in the solution.

Which combination of actions will meet these requirements? (Choose two.)

Answer options

• A. Configure Amazon Cognito user pools with social IdPs
• B. Configure OpenID Connect (OIDC)-compliant IdP endpoints
• C. Create an AWS Lambda authorizer as a target in the ALB target group
• D. Configure an ALB listener to add a rule for authentication
• E. Use Lambda@Edge to authorize viewer requests in the ALB

Correct answer: A, D

Explanation

The correct answer is A and D because configuring Amazon Cognito user pools allows integration with social IdPs, while setting an ALB listener rule facilitates authentication. Options B and C are not necessary for the requirements, as B does not directly involve AWS native services, and C does not relate to ALB's built-in authentication capabilities. Option E involves Lambda@Edge, which is not required in this scenario.