Company B is launching a new game app for mobile devices. Users will log into the game using their existing
social media account to streamline data capture. Company B would like to directly save player data and scoring
information from the mobile app to a DynamoDS table named Score Data When a user saves their game the
progress data will be stored to the Game state S3 bucket. what is the best approach for storing data to
DynamoDB and S3?
A.
Use an EC2 Instance that is launched with an EC2 role providing access to the Score Data DynamoDB table
and the GameState S3 bucket that communicates with the mobile app via web services.
B.
Use temporary security credentials that assume a role providing access to the Score Data DynamoDB table
and the Game State S3 bucket using web identity federation.
C.
Use Login with Amazon allowing users to sign in with an Amazon account providing the mobile app with
access to the Score Data DynamoDB table and the Game State S3 bucket.
D.
Use an IAM user with access credentials assigned a role providing access to the Score Data DynamoDB table
and the Game State S3 bucket for distribution with the mobile app.
B
I would go for answer B, since the user is logged into the game using their existing
social media account.
Answer A is a possible bottle neck and a possible single-point of failure; the AC2 instance. So that would not be the best approach.
Any idea’s on this are welcome!
Thanks,
Frank
Answer. B
Read Web Identity Federation
Yes it is B. The reason is it is always advisable to use the temporary security credentials which will rotated on daily basis until the role is attached. Whenever we find mobile application related keyword “web identity federation” plays a major role. Because these mobile users doesn’t have to be aws users to access the aws services.
answer is b
B. The requirements state “Users will log into the game using their existing
social media account to streamline data capture.” This is what Cognito is used for, ie Web Identity Federation. Amazon also recommend to “build your app so that it requests temporary AWS security credentials dynamically when needed using web identity federation.”
Yes, answer is B
B
Below the link http://docs.aws.amazon.com/ko_kr/IAM/latest/UserGuide/id_roles_providers_oidc.html