What is the MOST operationally efficient solution that meets this requirement?
Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon API Gateway API to invoke the function. Call the API from the client side when login confirmation is received.
Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Add an Amazon Cognito post authentication Lambda trigger for the function.
Create an AWS Lambda function that uses Amazon Simple Email Service (Amazon SES) to send the email notification. Create an Amazon CloudWatch Logs log subscription filter to invoke the function based on the login status.
Configure Amazon Cognito to stream all logs to Amazon Kinesis Data Firehose. Create an AWS Lambda function to process the streamed logs and to send the email notification based on the login status of each user.
Explanations:
This approach is inefficient because it requires an additional API Gateway setup and client-side call, which adds complexity and is not necessary for login notifications.
Amazon Cognito post-authentication Lambda triggers are designed for post-login activities. This option directly triggers an email notification after a successful login, providing operational efficiency and simplicity.
CloudWatch Logs subscription filters are more suitable for monitoring logs rather than triggering immediate login events. This option would introduce delay and complexity for real-time notifications.
Kinesis Data Firehose is not the best choice for real-time user login notifications, as it streams data in batches, creating latency. This adds unnecessary complexity compared to the straightforward post-authentication trigger.