AWS Certified Solutions Architect - Associate

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company has registered its domain name with Amazon Route 53. The company uses Amazon API Gateway in the ca-central-1 Region as a public interface for its backend microservice APIs. Third-party services consume the APIs securely. The company wants to design its API Gateway URL with the company's domain name and corresponding certificate so that the third-party services can use HTTPS.

Which solution will meet these requirements?

Other

Community

UAnonymous

Last updated: February 23, 2026 at 11:39

Create stage variables in API Gateway with Name="Endpoint-URL" and Value="Company Domain Name" to overwrite the default URL. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM).

Create Route 53 DNS records with the company's domain name. Point the alias record to the Regional API Gateway stage endpoint. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the us-east-1 Region.

Create a Regional API Gateway endpoint. Associate the API Gateway endpoint with the company's domain name. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the same Region. Attach the certificate to the API Gateway endpoint. Configure Route 53 to route traffic to the API Gateway endpoint.

Create a Regional API Gateway endpoint. Associate the API Gateway endpoint with the company's domain name. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the us-east-1 Region. Attach the certificate to the API Gateway APIs. Create Route 53 DNS records with the company's domain name. Point an A record to the company's domain name.

Explanation:

Explanation

Correct Answer: C

This solution correctly addresses all requirements:

Regional API Gateway endpoint - The company uses API Gateway in ca-central-1, so a Regional endpoint is appropriate.
Certificate in the same Region - ACM certificates must be in the same Region as the API Gateway endpoint for Regional endpoints.
Certificate attachment - The certificate needs to be attached to the API Gateway endpoint.
Route 53 configuration - Route 53 needs to route traffic to the API Gateway endpoint.

Why other options are incorrect:

A - Stage variables cannot overwrite the default URL to use a custom domain name. This is not how custom domain names work in API Gateway.

B - While this mentions creating Route 53 records and pointing to the API Gateway endpoint, it incorrectly specifies importing the certificate in us-east-1 Region. For Regional API Gateway endpoints, the certificate must be in the same Region as the endpoint (ca-central-1 in this case).

D - This option has two issues: (1) It specifies importing the certificate in us-east-1 Region instead of ca-central-1, and (2) It suggests pointing an A record to the company's domain name, which is incorrect. For API Gateway, you should use an alias record pointing to the API Gateway endpoint, not an A record pointing to the domain name itself.

Key AWS Concepts:

For Regional API Gateway endpoints, ACM certificates must be in the same AWS Region
Custom domain names in API Gateway require both ACM certificate configuration and Route 53 DNS configuration
Route 53 alias records should point to API Gateway endpoints, not A records to domain names
The ACM certificate must be associated with the API Gateway custom domain name configuration

Powered ByGPT-5.2

Comments

Loading comments...