SAP-C01 Exam QuestionsBrowse all questions from this exam
Go to Exam

SAP-C01 Exam - Question 577

A Solutions Architect wants to make sure that only AWS users or roles with suitable permissions can access a new Amazon API Gateway endpoint. The Solutions

Architect wants an end-to-end view of each request to analyze the latency of the request and create service maps.

How can the Solutions Architect design the API Gateway access control and perform request inspections?

Show Answer
Correct Answer: A

To ensure that only AWS users or roles with suitable permissions can access a new Amazon API Gateway endpoint, using AWS_IAM authorization is appropriate. This method involves setting the authorization of the API Gateway method to AWS_IAM and granting the IAM user or role the execute-api:Invoke permission on the REST API resource. This ensures that the API caller signs requests with AWS Signature when accessing the endpoint. Additionally, AWS X-Ray can be used to trace and analyze user requests to API Gateway, providing the end-to-end view of each request and helping to analyze latency and create service maps. This method secures the access and provides detailed inspection of requests.

Discussion

17 comments
Sign in to comment
Nemer
Sep 20, 2021

A. Access control using Role, and request inspection with X-Ray.

joe16
Nov 6, 2021

A https://aws.amazon.com/premiumsupport/knowledge-center/iam-authentication-api-gateway/

Ebi
Oct 21, 2021

Answer is A

Waiweng
Nov 1, 2021

it's A

jackdryan
Oct 11, 2021

I'll go with A

Bulti
Oct 17, 2021

A is correct.

Pupu86
Oct 30, 2021

End-to-end request already hints towards the usage of AWS X-ray. Automatically filtering out option B and D. Further the authorisation via role rather than parsing secrets through AWS clients - so A

taoteching1
Oct 11, 2021

A is correct - https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-resource-policies-examples.html https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-using-xray-maps.html

T14102020
Oct 13, 2021

Correct is A. AWS Signature + X-Ray

kiev
Oct 30, 2021

A is the correct answer. Role +X-ray for better analysis

WhyIronMan
Nov 5, 2021

I'll go with A

acloudguruOption: A
Nov 23, 2021

https://aws.amazon.com/premiumsupport/knowledge-center/iam-authentication-api-gateway/

Kian1
Oct 29, 2021

going with A

blackgamer
Oct 31, 2021

A is the answer, XRay is needed here.

acloudguruOption: A
Nov 23, 2021

https://aws.amazon.com/premiumsupport/knowledge-center/iam-authentication-api-gateway/

AzureDP900
Dec 6, 2021

A is right answer

cldy
Dec 9, 2021

A. For the API Gateway method, set the authorization to AWS_IAM. Then, give the IAM user or role execute-api:Invoke permission on the REST API resource. Enable the API caller to sign requests with AWS Signature when accessing the endpoint. Use AWS X-Ray to trace and analyze user requests to API Gateway.

SkyZeroZxOption: A
Jul 2, 2023

A. Access control using Role, and request inspection with X-Ray.