What is the most secure approach for signing requests to the DynamoDB API?

Games-R-Us is launching a new game app for mobile devices. Users will log into the game
using their existing Facebook account and the game will record player data and scoring
information directly to a DynamoDB table. What is the most secure approach for signing
requests to the DynamoDB API?

Games-R-Us is launching a new game app for mobile devices. Users will log into the game
using their existing Facebook account and the game will record player data and scoring
information directly to a DynamoDB table. What is the most secure approach for signing
requests to the DynamoDB API?

A.
Create an IAM user with access credentials that are distributed with the mobile app to
sign the requests

B.
Distribute the AWS root account access credentials with the mobile app to sign the
requests

C.
Request temporary security credentials using web identity federation to sign the requests

D.
Establish cross account access between the mobile app and the DynamoDB table to sign
the requests



Leave a Reply 10

Your email address will not be published. Required fields are marked *


mr_tienvu

mr_tienvu

I choose C

Sandeep

Sandeep

C – since users are using Facebook account to play games web identity Federation is required

certified

certified

LOL B would be awesome.