A front-end web application is using Amazon Cognito user pools to handle the user authentication flow. A developer is integrating Amazon DynamoDB into the application using the AWS SDK for JavaScript.
How would the developer securely call the API without exposing the access or secret keys?
A . Configure Amazon Cognito identity pools and exchange the JSON Web Token (JWT) for temporary credentials.
B . Run the web application in an Amazon EC2 instance with the instance profile configured.
C . Hardcore the credentials, use Amazon S3 to host the web application, and enable server-side encryption.
D . Use Amazon Cognito user pool JSON Web Tokens (JWITs) to access the DynamoDB APIs.
Answer: A
Explanation:
Reference: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-usingtokens-verifying-a-jwt.html
Leave a Reply