Which steps should be taken to achieve this?
(Choose two.)
Use Amazon Cognito to create a user pool and create users in the user pool.
Send multi-factor authentication text codes to users with the Amazon SNS Publish API call in the app code.
Enable multi-factor authentication for the Amazon Cognito user pool.
Use AWS IAM to create IAM users.
Enable multi-factor authentication for the users created in AWS IAM.
Explanations:
Using Amazon Cognito to create a user pool is essential for managing user identities and authentication processes, including multi-factor authentication (MFA). This sets the foundation for secure user management in the mobile app.
While sending text codes is a part of implementing MFA, using Amazon SNS Publish API directly in the app code is not the recommended approach for MFA with Cognito. Cognito provides built-in capabilities to handle SMS MFA without needing to manage this manually through SNS.
Enabling multi-factor authentication for the Amazon Cognito user pool is a critical step in implementing MFA. This option allows the application to utilize the MFA features provided by Cognito, ensuring enhanced security for user logins.
AWS IAM is primarily used for managing permissions and access for AWS resources rather than end-user authentication in mobile apps. Creating IAM users does not facilitate multi-factor authentication for a mobile app directly.
Enabling MFA for IAM users is not relevant for mobile app authentication in this context. This approach is more suited for managing AWS resources and is not applicable for end-user authentication processes in mobile applications.