Which solution will meet these requirements?

By:
In: SAA-C03
Tagged:
With: 1 Comment
A company wants to restrict access to the content of its web application.The company needs to protect the content by using authorization techniques that are available on AWS.The company also wants to implement a serverless architecture for authorization and authentication that has low login latency.The solution must integrate with the web application and serve web content globally.The application currently has a small user base, but the company expects the application’s user base to increase.

Which solution will meet these requirements?

Configure Amazon Cognito for authentication. Implement Lambda@Edge for authorization. Configure Amazon CloudFront to serve the web application globally.

Configure AWS Directory Service for Microsoft Active Directory for authentication. Implement AWS Lambda for authorization. Use an Application Load Balancer to serve the web application globally.

Configure Amazon Cognito for authentication. Implement AWS Lambda for authorization. Use Amazon S3 Transfer Acceleration to serve the web application globally.

Configure AWS Directory Service for Microsoft Active Directory for authentication. Implement Lambda@Edge for authorization. Use AWS Elastic Beanstalk to serve the web application globally.

Explanations:

Amazon Cognito provides scalable authentication with low latency and integrates seamlessly with serverless architectures. Lambda@Edge allows for serverless authorization at the CloudFront edge locations, ensuring global performance. CloudFront serves the web application globally, meeting the requirement for low login latency and scalability for increasing user base.

AWS Directory Service for Microsoft Active Directory is more complex and not as suitable for a serverless architecture. While it offers authentication, it doesn’t provide low-latency login like Amazon Cognito. An Application Load Balancer does not serve content globally in the same manner as CloudFront.

While Amazon Cognito is suitable for authentication, using AWS Lambda for authorization does not provide the edge computing benefits that Lambda@Edge offers. S3 Transfer Acceleration is not a solution for serving web applications; it’s focused on improving transfer speeds to S3 buckets, not for global content delivery.

Similar to Option B, AWS Directory Service for Microsoft Active Directory is complex and not ideal for a serverless approach. While Lambda@Edge is a good choice for authorization, AWS Elastic Beanstalk is not designed for global content delivery and scalability as effectively as CloudFront.

2025-10-14

1 Comment

  1. Evelyn
    Author

    I weigh that the answer is:
    Configure Amazon Cognito for authentication. Implement Lambda@Edge for authorization. Configure Amazon CloudFront to serve the web application globally.

Leave a Reply

Your email address will not be published. Required fields are marked *

fourteen − two =