AWS Certified Developer – Associate — Question 8

A company maintains a REST service using Amazon API Gateway and the API Gateway native API key validation. The company recently launched a new registration page, which allows users to sign up for the service. The registration page creates a new API key using CreateApiKey and sends the new key to the user. When the user attempts to call the API using this key, the user receives a 403 Forbidden error. Existing users are unaffected and can still call the API.
What code updates will grant these new users access to the API?

Answer options

• A. The createDeployment method must be called so the API can be redeployed to include the newly created API key.
• B. The updateAuthorizer method must be called to update the API's authorizer to include the newly created API key.
• C. The importApiKeys method must be called to import all newly created API keys into the current stage of the API.
• D. The createUsagePlanKey method must be called to associate the newly created API key with the correct usage plan.

Correct answer: D

Explanation

The correct answer is D because the newly created API key must be associated with a usage plan to grant access to the API. Without this association, the API Gateway will not recognize the key as valid, resulting in a 403 Forbidden error. Options A, B, and C do not address the need for linking the API key to a usage plan, which is essential for allowing new users to access the API.