Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

AWS Certified Solution Architect Associate > Cognito > Flashcards

Cognito Flashcards

This deck aims to help retain concepts related to the Cognito service.

1
Q

Which AWS service represents an identity platform for web and mobile applications, providing a user directory, an authentication server, and an authorization service for OAuth 2.0 access tokens and AWS credentials?

A

Cognito

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which AWS service is designed for authentication, authorization, and user management for web and mobile applications?

A

Cognito

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the two main components of Cognito for managing users and identities?

A

User Pools and Identity Pools

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What functionality is provided by Cognito User Pools?

A

They handle user sign-up, sign-in, JSON Web Token (JWT) generation, and user directory management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Do Cognito User Pools allow access to AWS services?

A

No, they do not grant access to AWS services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which functionality is provided by Cognito User Pools?

A
  • User directory management
  • Sign-in, sign-up, including external IDPs
  • Customizable web UI
  • MFA and other security features
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What resources can be accessed using the JWT token from Cognito User Pools?

A

Self-managed server-based resources and API Gateway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the core functionality provided by Cognito Identity Pools?

A

To provide temporary AWS credentials

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which functionality is provided by Cognito Identity Pools?

A
  • Grant unauthenticated identities direct access to AWS resources
  • Enable Identity Federation by exchanging external IDP credentials (e.g., Google, Facebook, SAML 2.0, or User Pools) for temporary AWS credentials
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Where are IAM Roles for a Cognito Identity Pool configured?

A

Directly within the Identity Pool

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What types of IAM roles, at minimum, should be configured for a Cognito Identity Pool?

A

At a minimum two roles:
- One role for authenticated identities
- One for unauthenticated identities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How does a Cognito Identity pool provide temporary AWS credentials?

A
  1. User Pool JWT token or external IDP token passed to Identity Pool
  2. Cognito assumes the IAM Role defined in the Identity Pool
  3. Cognito generates temporary AWS Credentials, and returns them to the client
  4. Client uses credentials to access AWS Services
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How are Cognito User Pools and Identity Pools typically used together?

A

User Pools handle user authentication and identity management, while Identity Pools exchange User Pool JWT tokens for temporary AWS credentials

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is Web Identity Federation?

A

It’s the process of exchanging an IDP-provided token (e.g., Google, Facebook, or SAML) for AWS credentials

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

AWS Certified Solution Architect Associate (46 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions