AWS Certified Developer – Associate (DVA-C02) — Question 552
A company is developing a publicly accessible single-page application. The application makes calls from a client web browser to backend services to provide a user interface to customers. The application depends on a third-party web service exposed as an HTTP API. The web client must provide an API key to the third-party web service by using the HTTP header as part of the HTTP request. The company's API key must not be exposed to the users of the web application.
Which solution will meet these requirements MOST cost-effectively?
Answer options
- A. Use Amazon API Gateway to create a private REST API. Create an HTTP integration to integrate with the third-party HTTP API. Add the company’s API key to the HTTP headers list of the integration request configuration.
- B. Use Amazon API Gateway to create a private REST API. Create an AWS Lambda proxy integration. Make calls to the third-party HTTP API from the Lambda function. Pass the company's API key as an HTTP request header.
- C. Use Amazon API Gateway to create a REST API. Create an HTTP integration to integrate with the third-party HTTP API. Add the company's API key to the HTTP headers list of the integration request configuration.
- D. Use Amazon API Gateway to create a REST API. Create an AWS Lambda proxy integration. Make calls to the third-party HTTP API from the Lambda function. Pass the company's API key as an HTTP request header.
Correct answer: C
Explanation
A public REST API is required because the single-page application runs in the client browser and must access the API over the public internet, ruling out private REST APIs (options A and B). Using a direct HTTP integration in Amazon API Gateway allows the API key to be securely injected into the header during the integration request without exposing it to the client. This approach is more cost-effective than using an AWS Lambda proxy integration (option D) because it avoids the additional execution costs and latency of running a Lambda function.