Which solution will meet these requirements with the LEAST operational overhead?
Use Amazon Cognito user pools to manage user accounts. Create an Amazon Cognito user pool authorizer in API Gateway to control access to the API. Use the Lambda function to store the photos and details in the DynamoDB table. Retrieve previously uploaded photos directly from the DynamoDB table.
Use Amazon Cognito user pools to manage user accounts. Create an Amazon Cognito user pool authorizer in API Gateway to control access to the API. Use the Lambda function to store the photos in Amazon S3. Store the object’s S3 key as part of the photo details in the DynamoDB table. Retrieve previously uploaded photos by querying DynamoDB for the S3 key.
Create an IAM user for each user of the application during the sign-up process. Use IAM authentication to access the API Gateway API. Use the Lambda function to store the photos in Amazon S3. Store the object’s S3 key as part of the photo details in the DynamoDB table. Retrieve previously uploaded photos by querying DynamoDB for the S3 key.
Create a users table in DynamoDB. Use the table to manage user accounts. Create a Lambda authorizer that validates user credentials against the users table. Integrate the Lambda authorizer with API Gateway to control access to the API. Use the Lambda function to store the photos in Amazon S3. Store the object’s S3 key as part of the photo details in the DynamoDB table. Retrieve previously uploaded photos by querying DynamoDB for the S3 key.
Explanations:
While Amazon Cognito user pools for account management and a Lambda function for processing the photos are appropriate, storing photos directly in DynamoDB is not ideal due to storage limitations and performance concerns. DynamoDB is not optimized for large binary objects like photos.
Using Amazon Cognito for account management, API Gateway for access control, and S3 for storing photos provides a scalable solution with low operational overhead. Storing the S3 key in DynamoDB ensures easy retrieval of photo metadata while following the best practice of using S3 for large object storage.
Using IAM users for each individual user adds significant complexity in managing credentials and does not scale as efficiently as using Amazon Cognito. Additionally, IAM is not designed for managing application users in this context, leading to increased overhead.
Although using DynamoDB for managing users and S3 for storing photos is a valid approach, implementing a custom Lambda authorizer to validate credentials is unnecessary and increases operational complexity. Cognito user pools would simplify user authentication and access control.