Your application currently uses AWS Cognito for authenticating users. Your application consists of different types of users. Some users are only allowed to read access to the application and others are given contributor access. How would you manage the access efficiently?

Answer options:

A.Create different Cognito endpoints, one for the readers and the other for the contributors.
B.Create different Cognito groups, one for the readers and the other for the contributors.
C.You need to manage this within the application itself.
D.This needs to be managed via Web security tokens.

Answer: B
Option A is incorrect because you need to create Cognito groups instead of endpoints to manage several users and groups.
Option B is CORRECT because you can use groups to create a collection of users in a user pool, which is often done to set the permissions for those users. For example, you can create separate groups for users who are readers, contributors, and editors of your website and app. 
Options C is incorrect since there would be additional overhead to manage within the application. You can use different Cognito groups to manage permissions.
Option D is incorrect because managing via Web security tokens is not as simple as option
B.For more information on AWS Cognito user groups, please refer to the below Link:
https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html