Which combination of actions will meet these requirements?

By:
In: DVA-C01
Tagged:
With: 1 Comment
A company deploys a local news website on a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB).The company wants to implement authentication for viewers through well-known social identity providers (IdPs).The company’s development team must use AWS native services in the solution.

Which combination of actions will meet these requirements?

(Choose two.)

Configure Amazon Cognito user pools with social IdPs

Configure OpenID Connect (OIDC)-compliant IdP endpoints

Create an AWS Lambda authorizer as a target in the ALB target group

Configure an ALB listener to add a rule for authentication

Use Lambda@Edge to authorize viewer requests in the ALB

Explanations:

Amazon Cognito can be configured with social identity providers (IdPs) to authenticate users. It provides a native, AWS-managed solution for integrating with IdPs such as Google, Facebook, and Amazon.

OpenID Connect (OIDC)-compliant IdP endpoints are used for integrating external IdPs but aren’t required here, as Amazon Cognito can directly handle social IdP integration.

An AWS Lambda authorizer is not directly associated with an ALB for handling authentication. Lambda authorizers are typically used with API Gateway, not ALB.

An ALB listener rule can be configured to integrate with Amazon Cognito for user authentication via social IdPs, providing an AWS-native solution.

Lambda@Edge is used for executing functions at CloudFront edge locations, not for managing authentication with ALB. It’s unnecessary for this use case of authentication.

2025-10-13

1 Comment

  1. Jeremy
    Author

    As I recall, the answer is:
    Configure Amazon Cognito user pools with social IdPs

Leave a Reply

Your email address will not be published. Required fields are marked *

four × 2 =