A company designs a mobile app to run on AWS. The app will run on Amazon EC2 instances behind an Application Load Balancer. The instances will run in an Amazon EC2 Auto Scaling group. The app must securely access data that the company stores in Amazon DynamoDB.
Which solution is MOST secure?
A. Create an Amazon Cognito user pool for the mobile app users. Attach an IAM policy that has the required DynamoDB permissions to the user pool.
B. Create an AWS Lambda authorizer with the required DynamoDB permissions. Attach the Lambda authorizer to the Application Load Balancer.
C. Create an IAM user for each mobile user. Attach an IAM policy that provides the required DynamoDB permissions to each IAM user.
D. Create an IAM role. Attach a policy with the required DynamoDB permissions to the role. Configure the EC2 Auto Scaling launch template to attach the role to all EC2 instances.
Which solution is MOST secure?
A. Create an Amazon Cognito user pool for the mobile app users. Attach an IAM policy that has the required DynamoDB permissions to the user pool.
B. Create an AWS Lambda authorizer with the required DynamoDB permissions. Attach the Lambda authorizer to the Application Load Balancer.
C. Create an IAM user for each mobile user. Attach an IAM policy that provides the required DynamoDB permissions to each IAM user.
D. Create an IAM role. Attach a policy with the required DynamoDB permissions to the role. Configure the EC2 Auto Scaling launch template to attach the role to all EC2 instances.