Question

An application needs to use an authentication in AWS. Users need to have MFA enabled when trying to log into the application.

Which of the following can be used for this purpose?

A. Create an IAM user with public access.

B. Create an IAM group with public access.

C. Use AWS Cognito with MF.

D. Use AWS STS with SAML.

Answer 1

Answer - C.

This is mentioned in the AWS Documentation.

Adding Multi-Factor Authentication (MFA) to a User Pool.

Multi-factor authentication (MFA) increases security for your app by adding another authentication method and not relying solely on user name and password.

You can choose to use SMS text messages or time-based one-time (TOTP) passwords as second factors in signing in to your users.

With adaptive authentication, you can configure your user pool to require second-factor authentication in response to an increased risk level.

To add adaptive authentication to your user pool, see Adding Advanced Security to a User Pool.

Options A and B are incorrect since it's not the right approach to using IAM users or groups to access mobile-based applications.

Option D is incorrect since SAML is used for federated access.