AWS Certified Solutions Architect - Professional SAP-C02 Exam - Question 5

Question

A company uses a service to collect metadata from applications that the company hosts on premises. Consumer devices such as TVs and internet radios access the applications. Many older devices do not support certain HTTP headers and exhibit errors when these headers are present in responses. The company has configured an on-premises load balancer to remove the unsupported headers from responses sent to older devices, which the company identified by the User-Agent headers.

The company wants to migrate the service to AWS, adopt serverless technologies, and retain the ability to support the older devices. The company has already migrated the applications into a set of AWS Lambda functions.

Which solution will meet these requirements?

Examice · Accepted Answer

To meet the requirements of migrating the service to AWS, using serverless technologies, and supporting older devices, the best solution involves using an Amazon CloudFront distribution along with a CloudFront function. CloudFront functions are optimized for lightweight tasks like inspecting HTTP headers and modifying requests or responses. This setup allows for efficient removal of problematic headers based on the User-Agent header in the requests, ensuring compatibility with older devices. This approach integrates well with the existing AWS Lambda functions and avoids the need for more complex and potentially costly alternatives like Lambda@Edge or non-serverless components such as an Application Load Balancer.

EricZhang · Answer

A. The only difference between A and D is CloudFront function vs Lambda@Edge. In this case the CloudFront function can remove the response header based on request header and much faster/light-weight.

mmendozaf · Answer

As most of the logic are related with user agent headers, API Gateway have more capabilities. This discard, A,D. Between B and C, request is only to delete the header to specific User agents and not by default, discarding option B. 
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html

OCHT · Answer

Option A involves creating an Amazon CloudFront distribution and an Application Load Balancer (ALB) to forward requests to the ALB and invoke the correct Lambda function for each type of request. However, it suggests using a CloudFront function to remove the problematic headers based on the value of the User-Agent header. CloudFront functions are used to manipulate the request and response that are generated by CloudFront. They are not designed to manipulate the headers of responses that are generated by other AWS services such as ALB or Lambda.

In contrast, option C suggests using Amazon API Gateway and its built-in functionality to manipulate response headers using a response mapping template. This is a more straightforward and efficient way to remove the problematic headers from responses sent to older devices.

robertohyena · Answer

Answer is D.
- Lambda@Edge can remove problematic headers
- API gateway can only do request / response transformation

ninomfr64 · Answer

This is really challenging for me.

Here is my reasoning:
i) user-agent header is stored in request and not in answer
ii) based on i) we need a mechanism to map sessionid to user-agent in requests and access this mapping when processing answers

Not .A as CF Functions do not interact with other AWS services, they can use key value pairs but in read-only mode. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/functions-tutorial-kvs.html
Not B. as gateway responses only works with "supported response type" listed here https://docs.aws.amazon.com/apigateway/latest/developerguide/supported-gateway-response-types.html (plese note the question mention errors, but they occur on devices)
Not C. as response mapping template do not interact with other AWS services

D. is correct as Lambda@Edge can access other AWS services (e.g. in this case a DynamoDB for sessionid user-agent mapping)

scuzzy2010 · Answer

"Header manipulation – You can insert, modify, or delete HTTP headers in the request or response." - https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.html

zijieli · Answer

B is the answer . Why? 
The Question describes that the application used for devices real time visit so CloudFront isn't the right choice ,CloudFront mainly used  for edge caching. Other functional like CF functions and Lambda@Edge  just provide more flexible for user's .
CloudFront isn't the typical scenario for Device metadata collect due to they require an nearly real time query

AMEJack · Answer

A trick here Question says "The company has configured an on-premises load balancer to remove the unsupported headers from responses sent to older devices, which the company identified by the User-Agent headers." This means it needs to change the response from the origin which can only be done by lambda@Edge.

Jesuisleon · Answer

I don't understand why you guys choose CLoudFront.
The datastream flows from  Consumer devices to aws, why we need  to use cloudfront to cache content from alb ?
I choose B as Amazon API Gateway HTTP APIs do not support mapping templates.

pppttl · Answer

A, because it's faster.

CloudFront Functions vs. Lambda@Edge use cases
* CF Functions:
    * cache key normalization: transform request attributes (headers, cookies, query string, URL) to create an optimal Cache Key
    * header manipulation: insert/modify/delete HTTP headers in the request or response
    * URL rewrites or redirects
    * request authentication & authorization: create and validate user-generated tokens (e. g. JWT) to allow/deny requests
* Lambda@Edge:
    * longer execution time (several ms)
    * adjustable CPU or memory
    * 3rd party dependencies (like AWS SDK)
    * network access to use external services for processing
    * file system access or access to the body of HTTP requests

sghdfghdfghdghdfh4w56346he346h · Answer

A. Only the viewer response (response header) needs to be modified. CloudFront function and Lambda functions can both do this, but CloudFront functions are better suited for lighter functions at the edge such as this.

KevinYao · Answer

ALB is not serverless, http api can't remove a header.

blackgamer · Answer

The answer is A. You can refer to AWS documentation here - https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/

buriz · Answer

its option D because chat gpt says so

ahhatem · Answer

b is wrong because default responses are irrelevant.
c is wrong because you can't conditionally remove headers based on agent in params mapping.
d can work but is more expensive, slower..etc. Cloud functions are designed for this use case specifically!

Mahakali · Answer

Cloudfront function is the suitable option as it is mentioned as ideal for header manipulations.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.html

Jacky_exam · Answer

GPT:
The solution that will meet these requirements is D. Create an Amazon CloudFront distribution for the metadata service. Create an Application Load Balancer (ALB). Configure the CloudFront distribution to forward requests to the ALB. Configure the ALB to invoke the correct Lambda function for each type of request. Create a Lambda@Edge function that will remove the problematic headers in response to viewer requests based on the value of the User-Agent header.

Explanation:

Option A is not correct because CloudFront functions can only be used to modify the request, not the response. Also, the question asks to remove headers from the response, not from the request.

tito0207 · Answer

chatgpt answer D

toshayxlol · Answer

A. Both Lambda@Edge and CloudFront functions can modify headers but for this particular case CloudFront functions is the most suitable choice because of the more simplistic approach than using Lambda@Edge which fits better for more complext tasks.
Also, CloudFront functions run at edge locations intead of regional edge locations like Lambda@Edge so you will execute code even closer to the user.
https://medium.com/trackit/cloudfront-functions-vs-lambda-edge-which-one-should-you-choose-c88527647695

c73bf38 · Answer

D: This solution involves creating an Amazon CloudFront distribution for the metadata service and configuring it to forward requests to the Application Load Balancer (ALB), which is used to invoke the correct Lambda function for each type of request. A Lambda@Edge function should be created that will remove the problematic headers in response to viewer requests based on the value of the User-Agent header. This approach allows the company to remove the problematic headers while supporting older devices and using serverless technologies.

karysff · Answer

API gateway can rewrite header

https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-override-request-response-parameters.html

eraser2021999 · Answer

D as per explanations of Stephane's Udemy training.

Ilk · Answer

CF function or lambda edge can do it. But the Cf function is faster and cheaper. So it is A

c73bf38 · Answer

Per the feature comparisons between Lambda and CloudFront functions, A is the correct option as it clearly states it does header manipulation for the response headers and requests.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions.html

kiran15789 · Answer

Confused between A and D , but will go with A in the exam based on below explainatins
https://medium.com/trackit/cloudfront-functions-vs-lambda-edge-which-one-should-you-choose-c88527647695
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions.html

mfsec · Answer

Cloudfront can do it.

EthicalBond · Answer

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.html
Header manipulation – You can insert, modify, or delete HTTP headers in the request or response.

Roontha · Answer

Answer : A. why we need to Lambda@edge while cloudfront serving the purpose, also CF is much faster and light weight

chico2023 · Answer

Interestingly, the link shared by Karamen (https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/) points to answer A.
CloudFront functions include: "HTTP header manipulation: View, add, modify, or delete any of the request/response headers."
This helps giving weight to answer A as the correct one.

awsent · Answer

Answer: D 
Due to service is being used by devices, using CloudFront. API Gateway is a regional service and request could experience latency.
CloudFront Functions are executed prior to request to Edge Cache, this scenario requires changes to the response header, hence Lambda@Edge.

ansgohar · Answer

A. Create an Amazon CloudFront distribution for the metadata service. Create an Application Load Balancer (ALB). Configure the CloudFront distribution to forward requests to the ALB. Configure the ALB to invoke the correct Lambda function for each type of request. Create a CloudFront function to remove the problematic headers based on the value of the User-Agent header.

devourer66 · Answer

For options A and D, can someone explain how lambda or CF function that should be processing a response can get information about the headers in the original request to actually decide if the transformation is required?

Pupu86 · Answer

CloudFront functions is used at the edge cache location and meant for functions that doesn't require body access with very short execution time of max 1ms.

Lambda@edge can only be deployed at regional cache location with up to 5 secs execution time and is usually implemented when there is interaction needed with the body request.

so answer should be A.

ayadmawla · Answer

Yes you can do it with Lambda@Edge but CloudFront Function can do it quicker and cheaper.  https://dev.to/aws-heroes/cloudfront-functions-vs-lambdaedge-whats-the-difference-1g60#:~:text=Lambda%40Edge%20functions%20have%20128MB,request%20and%20origin%20response%20triggers).

liux99 · Answer

I mean B is the correct answer.

Dgix · Answer

CloudFront functions are not for this type of use case. Therefore, D.

Weninka · Answer

CloudFront functions can't be triggered in to run on the response from the origin (in this case to modify the response returned by the Lambda functions), so looks like it's D.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-choosing.html

HishamShaikha · Answer

As per AWS Docs https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-choosing.html

The answer is A, no need for Lambd@Edge because we want to modify the headers only

Zas1 · Answer

A
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-choosing.html

nkv_3762 · Answer

CloudFront Function:
Header manipulation – You can insert, modify, or delete HTTP headers in the request or response.

ukivanlamlpi · Answer

https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-override-request-response-parameters.html

not A, D.  because ALB is not serverless.
not B, because need a mapping template, cannot change default gateway response

higashikumi · Answer

CloudFront Functions are the optimal solution for this scenario as they are designed for lightweight tasks like header manipulation. In this case, a CloudFront Function can be easily configured to inspect the User-Agent header in incoming requests and conditionally remove unsupported headers before forwarding the request to the origin (the Application Load Balancer and Lambda functions). This approach simplifies the architecture, potentially reduces costs compared to using Lambda@Edge, and leverages the native integration between CloudFront and CloudFront Functions for efficient header modification at the edge.

master9 · Answer

To migrate the service to AWS, adopt serverless technologies, and retain the ability to support the older devices, the company can use AWS Application Load Balancer (ALB). The ALB is a serverless technology that can be used to route incoming traffic to serverless functions such as AWS Lambda. The Serverless Framework makes it possible to set up the connection between Application Load Balancers and Lambda functions with the help of the alb event.

To support the older devices, the company can configure the ALB to remove the unsupported headers from responses sent to older devices, which the company identified by the User-Agent headers. The ALB’s focus on HTTP allows it to use parts of the protocol to make decisions about caching and save you some Lambda executions.

WuKongCoder · Answer

B is correct answer, on premises mean can't use cloudfornt， api gateway http api can't support response mapping template
https://docs.aws.amazon.com/zh_cn/apigateway/latest/developerguide/http-api-vs-rest.html

ospherenet · Answer

A is the correct answer.

Explanation:

CloudFront is a good option for delivering content and improving user experience with caching, reducing latency and increasing availability.
An Application Load Balancer (ALB) can be used with CloudFront to route requests to the correct Lambda function.
The CloudFront function can be used to remove the problematic headers based on the User-Agent header to support older devices.
Using CloudFront and Lambda functions will allow the company to adopt serverless technologies for this use case.

PSPaul · Answer

It's should be D

Anonymous · Answer

Lambda@Edge can modify headers
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-examples.html

Appon · Answer

In the question its stated that "The company wants to migrate the (metadata) service to AWS..."

In the answers involving CF, there is no mention of migrating metadata service...am I missing something?

gameoflove · Answer

B as per the question that non Http Device need response other than HTTP

Don2021 · Answer

Answer is A.

2aldous · Answer

A.
"To give you the performance and scale that modern applications require, CloudFront Functions uses a new process-based isolation model instead of virtual machine (VM)-based isolation as used by AWS Lambda and Lambda@Edge. To do that, we had to enforce some restrictions, such as avoiding network and file system access. Also, functions run for less than one millisecond. In this way, they can handle millions of requests per second while giving you great performance on every function execution. Functions add almost no perceptible impact to overall content delivery network (CDN) performance."
Also, CF Functions can View, add, modify, or delete any of the request/response headers.

ailves · Answer

We don't need ALB to invoke the correct Lambda function for each type of request.

easytoo · Answer

d-d-d-dd-d-d-d

javitech83 · Answer

I go with A, cloud front has ability to remove /modify headers

Mom305 · Answer

A you can configure a lambda@Edge but now you can now set headers with CloudFront Functions

allen_devops · Answer

Option A is correct. For option B and C, they doesn't support mapping based on headers. It only concern payload, context and stage. For Option D, it should be associate with viewer request. It should be viewer response.

autobahn · Answer

It has to be B since ALB is not a serverless service. The company prefers a serverless architecture. Also, the requirement doesn't talk about Caching or reducing Latency. So, A & D cannot be the right choice.

dimitry_khan_arc · Answer

Cloudfront could have been a choice but as soon as it talks about ALB the requirement to keep serverless is compromised. So, B is the answer.

cheese929 · Answer

Both CloudFront function and Lambda@Edge can do the job. but CloudFront function can do it at approximately 1/6th the price of Lambda@Edge. Thus I go for A.

Anonymous · Answer

C. https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html

Chainshark · Answer

"Serverless technologies feature automatic scaling, built-in high availability, and a pay-for-use billing model to increase agility and optimize costs."

https://aws.amazon.com/serverless/

AWS ALB is not pay as you go, so it is not serverless. Thus A and D are wrong.

Thus, answer C is correct (C. https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html)

BECAUSE · Answer

D is the answer, Lambda@Edge in option D appears to offer more targeted and suitable functionality for header modification at the edge

abeb · Answer

A  Create an Amazon CloudFront distribution

AC1984 · Answer

Lambda@Edge can edit header

kaby1987 · Answer

Ans is D

SwapnilAWS · Answer

option A : https://dev.to/aws-heroes/cloudfront-functions-vs-lambdaedge-whats-the-difference-1g60#:~:text=Scale%3A%20CloudFront%20Functions%20can%20scale,128MB%20%2D%203GB%20of%20memory%20available.

Rajarshi · Answer

Ans D because Cloudfront Funtion can not modify headers

24Gel · Answer

For A and C,

I didn't see any point to use ALB here, the purpose is to remove headers, not increase performance.

tushar321 · Answer

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-choosing.html#:~:text=CloudFront%20Functions%20is,to%20every%20request.

MoT0ne · Answer

In AWS API Gateway, a response mapping template is used to transform the output received from the backend integration into a format that is suitable for the API client. It allows you to customize the structure and content of the response before it is sent back to the client.

niroop893 · Answer

Agree D

jyrajan69 · Answer

Both A and D will work but it will add to the complexity. So rule that out, based on the fact that ApiG supports mapping template, the best answer is C

vip2 · Answer

after review details of question, correct answer is C.
Mainpoints are 
1. serverless, API GW with HTTP API is serverless while ALB is not.
2. CloudFront Function is only for 'viewer request/response', not for 'origin request/response', So, A is not correct. see https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-choosing.html
3. B is also not correct because 'default GW response' is generated by API GW, but here to remove response from origin.

Fu7ed · Answer

I'll take A as the correct answer.

Requirements: Using AWS's Serverless feature, maintaining features that support previous devices, removing headers

Serverless: Lambda
Previous Device: ALB
Remove Header: Cloudfront
https://aws.amazon.com/ko/about-aws/whats-new/2023/01/amazon-cloudfront-supports-removal-response-headers/

SubbuKhan · Answer

Lambda@Edge lets you run Lambda functions to customize the content that CloudFront delivers, executing the functions in AWS locations closer to the viewer. The functions run in response to CloudFront events, without provisioning or managing servers. You can use Lambda functions to change CloudFront requests and responses at the following points:

- After CloudFront receives a request from a viewer (viewer request)

- Before CloudFront forwards the request to the origin (origin request)

- After CloudFront receives the response from the origin (origin response)

- Before CloudFront forwards the response to the viewer (viewer response)

AloraCloud · Answer

Removing User-Agent headers is generally a lightweight task. Since it involves simple string manipulation to detect and remove headers based on predefined conditions, CloudFront Functions (Option A) are perfectly suited for this purpose. They provide fast, low-latency execution, making them ideal for straightforward operations like header manipulation.

TariqKipkemei · Answer

CloudFront lets you choose whether you want CloudFront to forward headers to your origin and to cache separate versions of a specified object based on the header values in viewer requests. This allows you to serve different versions of your content based on the device the user is using, the location of the viewer, the language the viewer is using, and a variety of other criteria.

ad11934 · Answer

Option A as per https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-choosing.html -- seems lambda@edge is not needed as cloudfront function can be quick for modifying the response headers and handles higher request rates

julianocaldeira · Answer

The correct answer is D.

Here’s why:

Requirement: The solution must:

Use serverless technologies.
Retain the ability to support older devices by removing problematic headers based on the User-Agent header.
Analysis of the options:

A. CloudFront with an ALB and a CloudFront function:

CloudFront functions can modify headers, but they are limited to request handling and cannot modify response headers.
This does not fully meet the requirement to remove response headers based on the User-Agent header.

soulation · Answer

While D might work, it's overkill for this use case. Cloudfront function is 600% cheaper, less latency, less code size. Correct answer is A.

BennyMao · Answer

CloudFront functions cannot modify response headers, which is a key requirement.

unbornfroyo · Answer

TL;DR:
You need to remove specific headers based on User-Agent in the response, best done at the edge.

Lambda@Edge with CloudFront is the only option here that fully supports this requirement.

Hello43638 · Answer

➡️ This is where CloudFront Functions falls short:
While it can manipulate response headers, it cannot access request headers during the response phase.
So it can’t conditionally remove headers from responses based on User-Agent.

AWS Certified Solutions Architect - Professional SAP-C02 Exam - Question 5

Discussion