ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 1019 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 1019
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company is developing an application in the AWS Cloud. The application's HTTP API contains critical information that is published in Amazon API Gateway. The critical information must be accessible from only a limited set of trusted IP addresses that belong to the company's internal network.

Which solution will meet these requirements?

  • A. Set up an API Gateway private integration to restrict access to a predefined set of IP addresses.
  • B. Create a resource policy for the API that denies access to any IP address that is not specifically allowed.
  • C. Directly deploy the API in a private subnet. Create a network ACL. Set up rules to allow the traffic from specific IP addresses.
  • D. Modify the security group that is attached to API Gateway to allow inbound traffic from only the trusted IP addresses.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by viejito at Oct. 7, 2024, 5:23 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jassn3
Highly Voted 6 months, 2 weeks ago
OMG finally I have reached here
upvoted 23 times
...
Bwhizzy
Highly Voted 6 months, 1 week ago
Finally made it. Congratulations to everyone who got here. I know the journey has been hard and long. best of luck
upvoted 14 times
...
whoeevd2eww3322d
Most Recent 2 months, 2 weeks ago
🎉 I cleared the AWS Solutions Architect – Associate exam! For those on the same journey, many exam questions are from or related to these 1019 questions. Go through them twice for a solid prep. Also, check out Shaping Pixel's YouTube channel—focus only on the latest videos as most questions overlap. You've got this—good luck! 🚀
upvoted 5 times
...
techghost
3 months ago
Selected Answer: B
Got to the end, worth it and great contributions
upvoted 1 times
...
LeonSauveterre
3 months, 2 weeks ago
Selected Answer: B
A - A private integration is for connecting API Gateway to private resources within VPCs, such as EC2 instances or Lambda functions. It doesn't restrict access based on IP addresses. It controls how the API interacts with private resources. B - This is the most direct way to restrict access at the API Gateway level. C - Deploying the API in a private subnet would require users to connect to your VPC (e.g., via VPN or Direct Connect). This is not what the question implies (the API should be publicly accessible, but restricted by IP). D - API Gateway doesn't even use security groups because it's a regional managed service, not directly tied to VPCs like EC2 instances.
upvoted 3 times
LeonSauveterre
3 months, 2 weeks ago
Now people let's go back to square one and nail this frickin' exam!
upvoted 4 times
...
...
jfedotov
3 months, 3 weeks ago
Selected Answer: B
The correct answer should be B, but the question is misleading. This is because HTTP APIs do not support resource policies; only REST APIs do.
upvoted 1 times
...
Denise123
3 months, 3 weeks ago
Selected Answer: B
I can't believe that I made it! Congrats everyone! Time to restart from the Q1 to polish, and good luck for the exam!
upvoted 1 times
...
EllenLiu
4 months ago
Selected Answer: B
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-resource-policies-examples.html#apigateway-resource-policies-source-ip-address-example
upvoted 3 times
...
JA2018
4 months, 3 weeks ago
Selected Answer: D
yes, finally, the finishing point..... --- Why not D? By modifying the security group attached to API Gateway, you can explicitly define which IP addresses are allowed to access the API, effectively restricting access to only the trusted internal network IPs
upvoted 2 times
...
trinh_le
4 months, 3 weeks ago
Selected Answer: B
B: api gateway allows configure resource policy to restricted IP A: private integration-> private api C: private subnet -> private api D: security group does not support api gateway
upvoted 4 times
...
Sergantus
5 months, 1 week ago
Congrats to everyone who made it here. On to the next step, gents.
upvoted 6 times
...
Ben_88
5 months, 3 weeks ago
And now it's time to start all over again to see if you can do better this time . good luck lads !
upvoted 5 times
...
xekiva3329
6 months, 1 week ago
Selected Answer: B
answer B
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago