What is the preferred and simpler integration type when integrating API Gateway with AWS Lambda?
Lambda Proxy Integration
What is the major difference between Lambda Proxy and Lambda Non-Proxy (Custom) Integration.
- Proxy passes the entire request/response AS IS (all headers, body, etc.).
- Non-Proxy requires mapping templates to transform the data.
What is the use case to use a VPC Link with API Gateway?
To connect API Gateway to private resources (like an ALB or NLB) located inside a VPC, allowing private connectivity without routing traffic over the public internet.
What happens if the Mapping Template fails in a Lambda Non-Proxy Integration?
The request will fail before the Lambda function is ever invoked.
What are the four types of API Gateway Authorizers?
- IAM Roles/Policies
- Cognito User Pools
- Lambda Authorizers (Custom).
- JWT Authorizers (ONLY IN HTTP APIs)
What is the use case to use an API Gateway IAM Authorizer?
When the client is an authenticated AWS service or an IAM User
(e.g., an EC2 instance making a request using its attached role).
What is the use case to use an API Gateway Cognito User Pool Authorizer?
When the client is a mobile or web application user that has authenticated via AWS Cognito
What is the use case to use an API Gateway Lambda Authorizer?
When you need custom logic to validate a token or credentials
(e.g., integrating with a third-party OAuth provider or a custom legacy authentication system).
How do you optimize the latency of an API Gateway Authorizer?
Configure the caching period for the authorization response
(e.g., cache the result for 300 seconds).
How can you control access rates, define throttling limits, and monetize your API for third-party developers?
By configuring a Usage Plan and requiring clients to use API Keys.
What is the purpose of an API Key in API Gateway?
It is a token that a client must include in their requests to identify the client and manage their access according to a Usage Plan.
What is the difference between throttling limits configured on the Stage vs. the Usage Plan?
Usage Plan limits (Client-Side) override Stage limits (Server-Side), and Usage Plans are used for individual API consumers.
What is the maximum size of a request body that API Gateway supports?
10 MB
What is the first step required to make an API available to clients after making changes?
It must be deployed to a Stage.
What is the primary service used to monitor the performance metrics, latency, and cache hit ratio of API Gateway?
Amazon CloudWatch
(look for Latency, 4XXErrors, and CacheHitCount metrics).
You receive many 4XX errors for your API. What is the most likely cause?
Client-side errors
(e.g., incorrect resource path, missing authentication header, or throttling limits exceeded).
You receive many 5XX errors for your API. What is the most likely cause?
Server-side errors
(e.g., Lambda function failures, or integration timeouts/errors).
What are the two types of API supported by API Gateway? What is the difference in use case between them?
- REST APIs are feature-rich
- HTTP APIs are cheaper and support JWT Authorization natively
Do API Gateway HTTP APIs support Usage Plans, API Keys, and Throttling?
No
Do API Gateway REST APIs support Usage Plans, API Keys, and Throttling?
Yes
Do API Gateway HTTP APIs support JWT Authorization tokens natively?
Yes
Do API Gateway REST APIs support JWT Authorization Tokens natively?
No
You’ll need custom logic
A developer needs to configure an API Gateway to route requests to different Lambda functions based on a version number in the header. What is the best way?
Use API Gateway Stage Variables.
A developer needs to configure a custom endpoint for API Gateway that terminates the connection with a mutual TLS (mTLS) requirement. Which component is responsible for verifying the client certificate?
The API Gateway Custom Domain Name configuration
-
IAM 10118
-
S3 10174
-
S3 Object Lock8
-
S3 Performance10
-
S3 Sharing Buckets Across Accounts4
-
S3 Encryption and Versioning16
-
S3 Select and Glacier Select4
-
[Solutions Architect] S3 Storage Gateways14
-
[Solutions Architect] AWS Organizations7
-
CloudFront15
-
DataSync5
-
EC2 10134
-
AMI 10110
-
VPC Security Groups12
-
EBS 10117
-
Types of EBS Volumes18
-
ENI/ENA/EFA22
-
Encrypted Root Device Volumes7
-
Spot Instances and Spot Fleets15
-
EC2 Hibernate10
-
EC2 CloudWatch8
-
EC2 Misc.11
-
EFS11
-
[Solutions Architect] FSx5
-
[Solutions Architect] EC2 Placement Groups16
-
EC2 HPC5
-
AWS WAF6
-
Databases 10138
-
RDS48
-
DynamoDB40
-
Redshift15
-
Aurora17
-
Cacheing and Elasticache15
-
Advanced IAM16
-
DNS / Route 5333
-
Route53 Routing Policies11
-
VPCs48
-
NAT Instances and NAT Gateways16
-
Network ACLs8
-
VPC Flow Logs8
-
Load Balancers / High Availability 10127
-
ASGs4
-
Bastion Host and On-Premises High Availability7
-
SQS24
-
SWF6
-
SNS3
-
Elastic Transcoder2
-
API Gateway6
-
Kinesis 1017
-
Web Identity Federation and Cognito7
-
Event Processing Patterns5
-
Security23
-
Lambda19
-
Miscellaneous12
-
Containers and VMs38
-
[DEVELOPER] Advanced Lambda23
-
[DEVELOPER] Advanced SQS + SNS37
-
[DEVELOPER] Advanced Kinesis38
-
[DEVELOPER] Elasticache and Advanced RDS / Aurora3
-
[Developer] Advanced Database Topics49
-
[Developer] Advanced Analytics Topics18
-
[Developer] Monitoring Services6
-
[DEVELOPER] Advanced Storage Topics10
-
[DEVELOPER] Advanced Networking and Content Delivery26
-
[DEVELOPER] AI and ML20
-
[DEVELOPER] Developer tools14
-
[Developer] Step Functions13
-
[Developer] AWS Amplify11
-
[DEVELOPER] Advanced EC29
-
[DEVELOPER] Developer Security7
-
[DEVELOPER] Advanced API Gateway27
-
[Solutions Architect] Organizational Security15
-
[Solutions Architect] Active Directory22
-
[DEVELOPER] CloudTrail11
-
[Developer] X-Ray13
-
[Developer] SAM11
-
[Developer] Deployment Services40
