AWS Certified Solutions Architect - Associate

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company has a workload in an AWS Region. Customers connect to and access the workload by using an Amazon API Gateway REST API. The company uses Amazon Route 53 as its DNS provider. The company wants to provide individual and secure URLs for all customers.

Which combination of steps will meet these requirements with the MOST operational efficiency? (Choose three.)

Other

Community

UAnonymous

Last updated: February 23, 2026 at 11:39

Register the required domain in a registrar. Create a wildcard custom domain name in a Route 53 hosted zone and record in the zone that points to the API Gateway endpoint.

Request a wildcard certificate that matches the domains in AWS Certificate Manager (ACM) in a different Region.

Create hosted zones for each customer as required in Route 53. Create zone records that point to the API Gateway endpoint.

Request a wildcard certificate that matches the custom domain name in AWS Certificate Manager (ACM) in the same Region.

Create multiple API endpoints for each customer in API Gateway.

Create a custom domain name in API Gateway for the REST API. Import the certificate from AWS Certificate Manager (ACM).

Explanation:

Explanation

This question is about providing individual and secure URLs for customers accessing an API Gateway REST API with maximum operational efficiency.

Correct Options: A, D, F

Why A is correct:

Registering the domain in a registrar is necessary to own the domain
Creating a wildcard custom domain name in Route 53 hosted zone allows using subdomains for each customer (e.g., customer1.example.com, customer2.example.com)
Creating a record that points to the API Gateway endpoint enables DNS resolution

Why D is correct:

Requesting a wildcard certificate in ACM in the same Region as the API Gateway is required for SSL/TLS termination
A wildcard certificate (e.g., *.example.com) covers all subdomains, making it operationally efficient
The certificate must be in the same Region as API Gateway for proper integration

Why F is correct:

Creating a custom domain name in API Gateway is necessary to associate the domain with the API
Importing the certificate from ACM enables SSL/TLS termination at API Gateway
This allows API Gateway to serve HTTPS requests for the custom domain

Why other options are incorrect:

B: Requesting a certificate in a different Region won't work - ACM certificates must be in the same Region as the service using them

C: Creating hosted zones for each customer is not operationally efficient - it would require managing multiple hosted zones instead of using subdomains in a single zone

E: Creating multiple API endpoints for each customer is not operationally efficient - it would require managing multiple APIs instead of using a single API with custom domain names

Operational Efficiency Approach:

Register a domain (e.g., example.com)
Create a wildcard ACM certificate for *.example.com in the same Region
Create a custom domain name in API Gateway using the certificate
Create a Route 53 hosted zone for the domain with a wildcard A/ALIAS record pointing to API Gateway
Use subdomains for customers (customer1.example.com, customer2.example.com)

This approach provides individual URLs (via subdomains) and security (via HTTPS) with minimal operational overhead.

Powered ByGPT-5.2

Comments

Loading comments...