AWS Certified Solutions Architect - Professional

Get started today

Ultimate access to all questions.

A solutions architect is tasked with ensuring that only authorized AWS users or roles can access a new Amazon API Gateway endpoint. Additionally, the architect needs to monitor and analyze each request for latency and to create detailed service maps. What is the optimal approach to secure the API Gateway and monitor user requests?

Exam-Like

Configure the API Gateway method with AWS_IAM authorization, granting IAM users or roles execute-api:Invoke permissions on the REST API resource. Require API callers to sign requests using AWS Signature and utilize AWS X-Ray for tracing and analyzing user requests to the API Gateway._

62.5%

Comments

Loading comments...

Enable CORS on the API Gateway resource and restrict Access-Control-Allow-Origin headers to the company's domain. Provide IAM users or roles with execute-api:Invoke permissions on the REST API resource and use Amazon CloudWatch for tracing and analyzing user requests to the API Gateway.

Develop an AWS Lambda function as a custom authorizer, instructing API clients to include a key and secret in their calls. Validate the key/secret pair against the IAM system within the Lambda function and employ AWS X-Ray for tracing and analyzing user requests to the API Gateway.

12.5%

Generate a client certificate for API Gateway and distribute it to necessary AWS users or roles. Require API callers to present the client certificate when accessing the endpoint and utilize Amazon CloudWatch for tracing and analyzing user requests to the API Gateway.

12.5%