nerdexam
Amazon

DVA-C02 · Question #586

A company is building a content authoring application. The application has multiple user groups, such as content creator, reviewer, approver, and administrator. The company needs to assign users fine-

The correct answer is C. Use Amazon Verified Permissions to set up user permissions. Integrate Verified Permissions with. Amazon Verified Permissions provides fine-grained access control capabilities, making it ideal for managing complex user permissions. It integrates with OIDC IdPs for authentication and allows applications to request authorization decisions dynamically. It is also easily adaptabl

Submitted by devops_kid· Mar 5, 2026Security

Question

A company is building a content authoring application. The application has multiple user groups, such as content creator, reviewer, approver, and administrator. The company needs to assign users fine-grained permissions for specific parts of the application. The company needs a solution to configure, maintain, and analyze user permissions. The company wants a solution that can be easily adapted to work with newer applications in the future. The company must use a third-party OpenID Connect (OIDC) identity provider (IdP) to authenticate users. Which solution will best meet these requirements?

Options

  • AConfigure an Amazon Cognito identity pool for the application. Use the identity pool identities
  • BConfigure the application to check user permissions upon request. Configure the application logic
  • CUse Amazon Verified Permissions to set up user permissions. Integrate Verified Permissions with
  • DSet up an IAM role for each user group. Assign users appropriate IAM roles. Configure the

How the community answered

(66 responses)
  • A
    12% (8)
  • B
    5% (3)
  • C
    61% (40)
  • D
    23% (15)

Explanation

Amazon Verified Permissions provides fine-grained access control capabilities, making it ideal for managing complex user permissions. It integrates with OIDC IdPs for authentication and allows applications to request authorization decisions dynamically. It is also easily adaptable to newer

Community Discussion

No community discussion yet for this question.

Full DVA-C02 Practice