Which of the following are not access control mechanisms for AWS API Gateway? (Choose 2 options)
Click on the arrows to vote for the correct answer
A. B. C. D. E.Answer: C, D.
Following are different ways of controlling access to your AWS API Gateway.
https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-controlling-access-to-apis.htmlOption C is not an access control mechanism.
API Gateway accepts the client-side certificates of your backend system.
https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html#configure-apiOption D is not an access control mechanism.
RouteTables in VPCs are to control network traffic flow within a VPC.For more information on VPC route tables, refer to documentation here:
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.htmlSure, I can provide you with a detailed explanation of the access control mechanisms for AWS API Gateway and which options are not part of those mechanisms.
AWS API Gateway provides several ways to control access to your APIs. These include:
Resource policies: These policies are applied to individual resources in your API and can control who has access to that specific resource.
Lambda authorizers: These are custom authorizers that you can use to control access to your API using a Lambda function. The Lambda function can perform custom authentication and authorization logic to allow or deny access to the API.
Server-side certificates: These are used to secure connections between the client and the API Gateway using SSL/TLS encryption. They are not used for access control.
VPC RouteTables: These are used to control traffic between a VPC and the internet. They are not used for access control in API Gateway.
Usage plans: These are used to control access to your API by limiting the number of requests that can be made by a particular client over a given period of time.
Based on the above explanations, the two options that are not access control mechanisms for AWS API Gateway are:
C. Server-side certificates - These are used to secure connections between the client and the API Gateway using SSL/TLS encryption. They are not used for access control.
D. VPC RouteTables - These are used to control traffic between a VPC and the internet. They are not used for access control in API Gateway.
Therefore, the correct answers are C and D.