🔥 3-day streak
AWS Certified Developer - Associate44 / 150
Question 44 of 150
A developer is building a document management web app that authenticates users with an Amazon Cognito user pool. Users belong to either an 'editors' or 'viewers' group in the user pool. After authentication, the app uses an identity pool to obtain temporary AWS credentials so users can access an S3 bucket directly. Editors must be able to upload objects, while viewers must only be able to read objects. What is the most effective way to enforce these different permission levels?
Reviewed for accuracy · Report an issueNext question