AWS Certified Developer – Associate (DVA-C02) — Question 401

A developer has an application that uses WebSocket APIs in Amazon API Gateway. The developer wants to use an API Gateway Lambda authorizer to control access to the application.

The developer needs to add credential caching and reduce repeated usage of secret keys and authorization tokens on every request.

Which combination of steps should the developer take to meet these requirements? (Choose two.)

Answer options

• A. Use a token-based Lambda authorizer.
• B. Use a request parameter-based Lambda authorizer.
• C. Configure an integration request mapping template to reference the context map from the APIGateway Lambda authorizer.
• D. Configure an integration request mapping template to reference the identity API key value from the API Gateway Lambda authorizer.
• E. Use VPC endpoint policies for the WebSocket APIs.

Correct answer: A, C

Explanation

Using a token-based Lambda authorizer allows API Gateway to cache authorization results based on the incoming token, significantly reducing redundant invocations and the need to verify credentials on each request. To leverage these cached details in backend integrations, the developer should configure an integration request mapping template that references the context map returned by the Lambda authorizer.