What is the MOST efficient method to grant users access to AWS resources?
Use an identity provider to securely authenticate with the application.
Create an AWS Lambda function to create an IAM user when a user accesses the application.
Create credentials using AWS KMS and apply these credentials to users when using the application.
Use Amazon Cognito to associate unauthenticated users with an IAM role that has limited access to resources.
Explanations:
Using an identity provider to authenticate users requires them to log in, which contradicts the requirement of not requiring users to log in to access the application.
Creating an IAM user each time a user accesses the application is not efficient and could lead to a proliferation of IAM users. It also requires managing IAM user credentials securely, which is not ideal for a login-less scenario.
AWS KMS is used for managing cryptographic keys and is not suitable for creating and managing user credentials directly. It does not provide a method for associating those credentials with user access to AWS resources efficiently.
Amazon Cognito allows for unauthenticated user access by associating them with an IAM role that has limited permissions, thus enabling access to AWS resources without requiring users to log in. This is the most efficient method for granting users access in a login-less application.