ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 577 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 577
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A Solutions Architect wants to make sure that only AWS users or roles with suitable permissions can access a new Amazon API Gateway endpoint. The Solutions
Architect wants an end-to-end view of each request to analyze the latency of the request and create service maps.
How can the Solutions Architect design the API Gateway access control and perform request inspections?

  • A. For the API Gateway method, set the authorization to AWS_IAM. Then, give the IAM user or role execute-api:Invoke permission on the REST API resource. Enable the API caller to sign requests with AWS Signature when accessing the endpoint. Use AWS X-Ray to trace and analyze user requests to API Gateway.
  • B. For the API Gateway resource, set CORS to enabled and only return the company's domain in Access-Control-Allow-Origin headers. Then, give the IAM user or role execute-api:Invoke permission on the REST API resource. Use Amazon CloudWatch to trace and analyze user requests to API Gateway.
  • C. Create an AWS Lambda function as the custom authorizer, ask the API client to pass the key and secret when making the call, and then use Lambda to validate the key/secret pair against the IAM system. Use AWS X-Ray to trace and analyze user requests to API Gateway.
  • D. Create a client certificate for API Gateway. Distribute the certificate to the AWS users and roles that need to access the endpoint. Enable the API caller to pass the client certificate when accessing the endpoint. Use Amazon CloudWatch to trace and analyze user requests to API Gateway.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Nemer at Aug. 10, 2020, 7:02 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Nemer
Highly Voted 3 years, 7 months ago
A. Access control using Role, and request inspection with X-Ray.
upvoted 25 times
joe16
3 years, 5 months ago
A https://aws.amazon.com/premiumsupport/knowledge-center/iam-authentication-api-gateway/
upvoted 2 times
...
...
Ebi
Highly Voted 3 years, 6 months ago
Answer is A
upvoted 5 times
...
SkyZeroZx
Most Recent 1 year, 9 months ago
Selected Answer: A
A. Access control using Role, and request inspection with X-Ray.
upvoted 1 times
...
cldy
3 years, 4 months ago
A. For the API Gateway method, set the authorization to AWS_IAM. Then, give the IAM user or role execute-api:Invoke permission on the REST API resource. Enable the API caller to sign requests with AWS Signature when accessing the endpoint. Use AWS X-Ray to trace and analyze user requests to API Gateway.
upvoted 1 times
...
AzureDP900
3 years, 4 months ago
A is right answer
upvoted 1 times
...
acloudguru
3 years, 5 months ago
Selected Answer: A
https://aws.amazon.com/premiumsupport/knowledge-center/iam-authentication-api-gateway/
upvoted 2 times
...
acloudguru
3 years, 5 months ago
Selected Answer: A
https://aws.amazon.com/premiumsupport/knowledge-center/iam-authentication-api-gateway/
upvoted 1 times
...
WhyIronMan
3 years, 5 months ago
I'll go with A
upvoted 2 times
...
Waiweng
3 years, 5 months ago
it's A
upvoted 5 times
...
blackgamer
3 years, 5 months ago
A is the answer, XRay is needed here.
upvoted 1 times
...
Pupu86
3 years, 6 months ago
End-to-end request already hints towards the usage of AWS X-ray. Automatically filtering out option B and D. Further the authorisation via role rather than parsing secrets through AWS clients - so A
upvoted 3 times
...
kiev
3 years, 6 months ago
A is the correct answer. Role +X-ray for better analysis
upvoted 2 times
...
Kian1
3 years, 6 months ago
going with A
upvoted 1 times
...
Bulti
3 years, 6 months ago
A is correct.
upvoted 3 times
...
T14102020
3 years, 6 months ago
Correct is A. AWS Signature + X-Ray
upvoted 2 times
...
jackdryan
3 years, 6 months ago
I'll go with A
upvoted 3 times
...
taoteching1
3 years, 6 months ago
A is correct - https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-resource-policies-examples.html https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-using-xray-maps.html
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago