
Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 233 discussion

A company groups its AWS accounts in OUs in an organization in AWS Organizations. The company has deployed a set of Amazon API Gateway APIs in one of the Organizations accounts. The APIs are bound to the account's VPC and have no existing authentication mechanism. Only principals in a specific OU can have permissions to invoke the APIs.

The company applies the following policy to the API Gateway interface VPC endpoint:



The company also updates the API Gateway resource policies to deny invocations that do not come through the interface VPC endpoint. After the updates, the following error message appears during attempts to use the interface VPC endpoint URL to invoke an API: "User: anonymous is not authorized."

Which combination of steps will solve this problem? (Choose two.)

  • A. Enable IAM authentication on all API methods by setting AWS JAM as the authorization method.
  • B. Create a token-based AWS Lambda authorizer that passes the caller's identity in a bearer token.
  • C. Create a request parameter-based AWS Lambda authorizer that passes the caller's identity in a combination of headers, query string parameters, stage variables, and $context variables.
  • D. Use Amazon Cognito user pools as the authorizer to control access to the API.
  • E. Verify the identity of the requester by using Signature Version 4 to sign client requests by using AWS credentials.
Suggested Answer: BE

Comments

limelight04
3 weeks ago
Selected Answer: AB
Option A Enable IAM authentication on all API methods: Set AWS IAM as the authorization method for all API methods. This ensures that authentication is required for invoking the APIs. Option B Create a token-based AWS Lambda authorizer: Implement a custom Lambda authorizer that validates bearer tokens. Pass the caller’s identity in the token to authorize API requests.
upvoted 1 times
...
vaxepa
3 weeks, 4 days ago
Selected Answer: AE
vote for AE
upvoted 2 times
...
GripZA
4 weeks ago
Selected Answer: AE
You can enable IAM authorization for HTTP API routes. When IAM authorization is enabled, clients must use Signature Version 4 (SigV4) to sign their requests with AWS credentials. API Gateway invokes your API route only if the client has execute-api permission for the route.
upvoted 3 times
...
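The Signature Version 4 signing that an IAM-authorized API method expects from the client, as an added example that is not part of the original thread and is not AWS's own code. The helper name `sigv4_headers`, the endpoint URL and the credentials are constructed placeholders; it assumes long-term credentials (no `x-amz-security-token`) and query values that are not already percent-encoded.

```python
import hashlib
import hmac
from datetime import datetime, timezone
from urllib.parse import quote, urlsplit


def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()


def sigv4_headers(method, url, access_key, secret_key, region,
                  now=None, body=b"", service="execute-api"):
    """Headers that SigV4-sign one request (hypothetical helper name)."""
    amz_date = (now or datetime.now(timezone.utc)).strftime("%Y%m%dT%H%M%SZ")
    date = amz_date[:8]
    parts = urlsplit(url)
    # Canonical query string: sorted by name, names and values URI-encoded.
    pairs = sorted(p.partition("=")[::2] for p in parts.query.split("&") if p)
    query = "&".join(f"{quote(k, safe='')}={quote(v, safe='')}" for k, v in pairs)
    headers = {"host": parts.netloc, "x-amz-date": amz_date}
    signed = ";".join(sorted(headers))
    canonical = "\n".join([
        method.upper(),
        quote(parts.path or "/", safe="/"),
        query,
        "".join(f"{k}:{headers[k]}\n" for k in sorted(headers)),
        signed,
        hashlib.sha256(body).hexdigest(),
    ])
    scope = f"{date}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join([
        "AWS4-HMAC-SHA256", amz_date, scope,
        hashlib.sha256(canonical.encode()).hexdigest()])
    # Signing key chain: secret -> date -> region -> service -> aws4_request.
    key = _hmac(("AWS4" + secret_key).encode(), date)
    for part in (region, service, "aws4_request"):
        key = _hmac(key, part)
    signature = _hmac(key, string_to_sign).hex()
    headers["Authorization"] = (
        f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
        f"SignedHeaders={signed}, Signature={signature}")
    return headers


if __name__ == "__main__":
    # Constructed endpoint and placeholder credentials, for illustration only.
    url = "https://abc123.execute-api.us-east-1.amazonaws.com/prod/orders?status=open"
    for k, v in sigv4_headers("GET", url, "AKIDEXAMPLE", "not-a-real-secret", "us-east-1").items():
        print(f"{k}: {v}")
```

The signature covers the method, path, query string, host and timestamp, so a request replayed against a different route or with altered parameters no longer verifies.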
jamesf
1 month, 2 weeks ago
Selected Answer: AE
Hope it is a typo in Option A: AWS JAM = AWS IAM.
Option A. Enable IAM authentication on all API methods by setting AWS IAM as the authorization method. - This ensures that all requests to the API must be authenticated using IAM credentials, directly addressing the anonymous access issue.
Option E. Verify the identity of the requester by using Signature Version 4 to sign client requests by using AWS credentials. - By using AWS Signature Version 4, requests are authenticated, ensuring they are authorized according to IAM policies linked to the specific Organizational Unit.
upvoted 3 times
...
d9iceguy
1 month, 3 weeks ago
Selected Answer: AE
JAM= IAM
upvoted 3 times
...
tgv
2 months ago
---> A E (assuming there's a typo in AWS JAM). If there's no typo in AWS JAM, I'd go for B & E.
upvoted 1 times
...
komorebi
2 months ago
Answer: B, E
upvoted 1 times
...