AWS Certified Developer Associate DVA-C01 – Question358

A developer is creating a new application that will be accessed by users through an API created using Amazon API Gateway. The users need to be authenticated by a third-party Security Assertion Markup Language (SAML) identity provider. Once authenticated, users will need access to other AWS services, such as Amazon S3 and Amazon DynamoDB.
How can these requirements be met?

A.
Use an Amazon Cognito user pool with SAML as the resource server.
B. Use Amazon Cognito identity pools with a SAML identity provider as one of the authentication providers.
C. Use the AWS IAM service to provide the sign-up and sign-in functionality.
D. Use Amazon CloudFront signed URLs to connect with the SAML identity provider.

Correct Answer: A