Which solution will meet these requirements?
Create Amazon Cognito user pools for external social identity providers. Configure IAM roles for the identity pools.
Program the sign-in page to create users’ IAM groups with the IAM roles attached to the groups.
Create an Amazon RDS for SQL Server DB instance to store the users and manage the permissions to the background resources in AWS.
Configure the sign-in page to register and store the users and their passwords in an Amazon DynamoDB table with an attached IAM policy.
Explanations:
Amazon Cognito is a fully managed service that handles user registration and authentication through user pools, including sign-in through external identity providers (such as Facebook and Google). It integrates with API Gateway and Lambda, providing a scalable solution with minimal operational overhead.
Using IAM roles for user groups is not appropriate for handling user registration and login for a game application. IAM is intended for managing access to AWS resources, not for authenticating users of a serverless web application.
Using Amazon RDS for SQL Server would require extensive management and maintenance of the database, which adds operational overhead. It also doesn’t provide an integrated solution for user authentication, unlike Amazon Cognito.
Storing user data directly in DynamoDB with IAM policies for authentication and management requires custom logic for security and user management, which increases operational overhead. It also lacks features that Cognito provides, such as password hashing and multi-factor authentication.