What is the MOST operationally efficient solution that meets this requirement?
Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon API Gateway API to invoke the function. Call the API from the client side when login confirmation is received.
Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon Cognito post authentication Lambda trigger for the function.
Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Create an Amazon CloudWatch Logs log subscription filter to invoke the function based on the login status.
Configure Amazon Cognito to stream all logs to Amazon Kinesis Data Firehose. Create an AWS Lambda function to process the streamed logs and to send the email notification based on the login status of each user.
Explanations:
This option involves creating an API Gateway to invoke the Lambda function upon login confirmation. This adds unnecessary complexity and operational overhead, as it requires the client-side to manage the API call, which can introduce latency and failure points.
This option is the most efficient as it utilizes a post-authentication trigger in Amazon Cognito to directly invoke the Lambda function every time a user logs in. This ensures that the email notification is sent immediately after successful authentication without additional components or client-side logic.
While this option suggests using a log subscription filter, it is less efficient. It relies on processing CloudWatch Logs which introduces a delay between login and notification due to log ingestion and processing, making it less suitable for real-time notifications.
This option involves streaming logs to Kinesis Data Firehose and using a Lambda function to process those logs. Similar to option C, it introduces latency as it depends on log processing, making it less efficient for immediate login notifications.