AWS SAA-C03 #56

A company has registered its domain name with Amazon Route 53. The company uses Amazon API Gateway in the ca-central-1 Region as a public interface for its backend microservice APIs. Third-party services consume the APIs securely. The company wants to design its API Gateway URL with the company's domain name and corresponding certificate so that the third-party services can use HTTPS.

Which solution will meet these requirements?

A. Create stage variables in API Gateway with Name="Endpoint-URL" and Value="Company Domain Name" to overwrite the default URL. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM).

B. Create Route 53 DNS records with the company's domain name. Point the alias record to the Regional API Gateway stage endpoint. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the us-east-1 Region.

C. Create a Regional API Gateway endpoint. Associate the API Gateway endpoint with the company's domain name. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the same Region. Attach the certificate to the API Gateway endpoint. Configure Route 53 to route traffic to the API Gateway endpoint.

D. Create a Regional API Gateway endpoint. Associate the API Gateway endpoint with the company's domain name. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the us-east-1 Region. Attach the certificate to the API Gateway APIs. Create Route 53 DNS records with the company's domain name. Point an A record to the company's domain name.


The correct solution is C.

You should create a Regional API Gateway endpoint and associate the API Gateway endpoint with the company's domain name. Import the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the same Region. Attach the certificate to the API Gateway endpoint. Finally, configure Route 53 to route traffic to the API Gateway endpoint.

This solution meets all the requirements because it allows you to use your own domain name for your API Gateway endpoint, ensures that traffic is routed correctly via Route 53, and secures your APIs with HTTPS by using a certificate from ACM. Remember, when you use ACM with API Gateway, the certificate must be in the same Region as your API endpoint.

Sure, here's why the other options are incorrect:

Option A: Creating stage variables in API Gateway with Name="Endpoint-URL" and Value="Company Domain Name" to overwrite the default URL is not a valid approach. Stage variables are used to pass operational parameters to a deployment stage, not to overwrite the default URL of the API Gateway.

Option B: While creating Route 53 DNS records with the company's domain name and pointing the alias record to the Regional API Gateway stage endpoint is a valid step, importing the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the us-east-1 Region is incorrect. The certificate needs to be in the same region as your API endpoint.

Option D: This option incorrectly suggests importing the public certificate associated with the company's domain name into AWS Certificate Manager (ACM) in the us-east-1 Region. As mentioned before, the certificate needs to be in the same region as your API endpoint. Also, pointing an A record to the company's domain name is not a valid step in this context. The A record should point to the API Gateway endpoint.

相关推荐
ZWZhangYu4 小时前
LangChain 构建向量数据库和检索器
数据库·langchain·easyui
运维开发王义杰5 小时前
金融安全生命线:用AWS EventBridge和CloudTrail构建主动式入侵检测系统
安全·金融·aws
feifeigo1235 小时前
升级到MySQL 8.4,MySQL启动报错:io_setup() failed with EAGAIN
数据库·mysql·adb
火龙谷7 小时前
【nosql】有哪些非关系型数据库?
数据库·nosql
焱焱枫7 小时前
Oracle获取执行计划之10046 技术详解
数据库·oracle
qq_392397129 小时前
Redis常用操作
数据库·redis·wpf
一只fish11 小时前
MySQL 8.0 OCP 1Z0-908 题目解析(17)
数据库·mysql
花好月圆春祺夏安11 小时前
基于odoo17的设计模式详解---装饰模式
数据库·python·设计模式
A__tao11 小时前
SQL 转 Java 实体类工具
java·数据库·sql
m0_6530313611 小时前
腾讯云认证考试报名 - TDSQL数据库交付运维专家(TCCE PostgreSQL版)
运维·数据库·腾讯云