AWS Certified Developer – Associate — Question 3

A developer is creating a mobile application that will not require users to log in.
What is the MOST efficient method to grant users access to AWS resources?

Answer options

• A. Use an identity provider to securely authenticate with the application.
• B. Create an AWS Lambda function to create an IAM user when a user accesses the application.
• C. Create credentials using AWS KMS and apply these credentials to users when using the application.
• D. Use Amazon Cognito to associate unauthenticated users with an IAM role that has limited access to resources.

Correct answer: D

Explanation

The correct answer is D because Amazon Cognito allows unauthenticated users to access AWS resources by associating them with an IAM role that has limited permissions, ensuring security while maintaining ease of access. Option A involves authentication, which contradicts the requirement of not needing a login, while options B and C both suggest creating IAM users or credentials, which is unnecessary and inefficient for unauthenticated access.