AWS Certified Solutions Architect - Professional: SAP-C01 Exam
Question
A software team builds up a feature that needs a new RESTful endpoint that returns greetings to customers.
The endpoint contains several path variables and query string parameters.
This HTTP endpoint is supposed to be hit millions of times per month.
However, the hit rate may change dramatically.
The team decides to use API gateway/lambda to save some cost.
The team needs to deploy the feature quickly.
However, the team members have little experience with lambda.
Which below options CAN NOT help the team? Select 2.
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer - C, D.
The feature development is under time pressure.
So we should find the options that make things unnecessarily complicated.
One thing to note is that this question asks for the options that CAN NOT help.
To build an API with Lambda integrations, either Lambda proxy integration or Lambda custom integration can be used.
(https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-with-lambda-integration.html):
In Lambda proxy integration, the input to the integrated Lambda function can be expressed as any combination of request headers, path variables, query string parameters, and body.
In addition, the Lambda function can use API configuration settings to influence its execution logic.
For an API developer, setting up a Lambda proxy integration is simple.
Other than choosing a particular Lambda function in a given region, you have little else to do.
API Gateway configures the integration request and integration response for you.
In Lambda custom integration, you must ensure that input to the Lambda function is supplied as the integration request payload.
This implies that you, as an API developer, must map any input data the client supplied as request parameters into the proper integration request body.
You may also need to translate the client-supplied request body into a format recognized by the Lambda function.
According to the above, the simpler way is to use Lambda proxy integration.
The below is an example when creating a resource in API gateway:
Option A is incorrect: Because the “microservice-http-endpoint” blueprint can help build the whole system quickly, which is also straightforward to use.
Refer to https://docs.aws.amazon.com/lambda/latest/dg/with-on-demand-https-example-configure-event-source_1.html on how to use an API gateway/Lambda blueprint.
Option B is incorrect: Because Lambda proxy integration is simpler for API to integrate with Lambda.
Option C is CORRECT: Because Lambda custom integration has introduced unnecessary complicity.
Considering the limited time, it is not a proper way and brings less help on the project.
Option D is CORRECT: Although lambda authorizer can help with the authorization, it is not required in this case.
It has added extra effort to the project and is not a necessary step either.
Option A and D are the options that cannot help the team.
Option A suggests using a blueprint in the Lambda console to create a lambda-microservice under the selected API. While this is a quick way to create a RESTful endpoint, it may not be the best option for the team since the endpoint is expected to be hit millions of times per month. Using a blueprint may not offer the scalability and customization required to handle the expected traffic.
Option B suggests building an API gateway with a proxy resource for a Lambda function. This is a valid option and can be a quick way to deploy a lambda function through the API gateway. This can be done by selecting the “Configure as proxy resource” option when creating an API resource. The team can then use API Gateway to define the RESTful endpoint and proxy the requests to the Lambda function. This is a valid and scalable option.
Option C suggests using the API Gateway console to build an API that enables a client to call Lambda functions through the Lambda custom integration. This option is also valid and can be used to quickly deploy Lambda functions through the API Gateway. The user can choose a particular Lambda function in a given region, and the API Gateway console will take care of the integration. This is a valid and scalable option.
Option D suggests implementing a lambda authorizer for the API gateway to grant permissions. A Lambda authorizer uses bearer token authentication strategies, such as OAuth or SAML, which secures access to the API gateway and back-end lambda. While this is a valid security option, it does not help the team with their primary concern of quickly deploying the feature using Lambda and API Gateway.
In summary, options B and C are valid options for the team to quickly deploy the feature using Lambda and API Gateway. Options A and D may not be the best options for the team given the expected hit rate and their limited experience with Lambda.