ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 260 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 260
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company runs an unauthenticated static website (www.example.com) that includes a registration form for users. The website uses Amazon S3 for hosting and uses Amazon CloudFront as the content delivery network with AWS WAF configured. When the registration form is submitted, the website calls an Amazon API Gateway API endpoint that invokes an AWS Lambda function to process the payload and forward the payload to an external API call.

During testing, a solutions architect encounters a cross-origin resource sharing (CORS) error. The solutions architect confirms that the CloudFront distribution origin has the Access-Control-Allow-Origin header set to www.example.com.

What should the solutions architect do to resolve the error?

  • A. Change the CORS configuration on the S3 bucket. Add rules for CORS to the AllowedOrigin element for www.example.com.
  • B. Enable the CORS setting in AWS WAF. Create a web ACL rule in which the Access-Control-Allow-Origin header is set to www.example.com.
  • C. Enable the CORS setting on the API Gateway API endpoint. Ensure that the API endpoint is configured to return all responses that have the Access-Control-Allow-Origin header set to www.example.com.
  • D. Enable the CORS setting on the Lambda function. Ensure that the return code of the function has the Access-Control-Allow-Origin header set to www.example.com.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by gd1 at June 24, 2023, 3:29 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
gd1
Highly Voted 1 year, 6 months ago
Selected Answer: C
Cross-Origin Resource Sharing (CORS) is a security measure that allows or denies scripts on webpages from making requests to a different domain than the one the script came from. The CORS policy is configured on the server side, and servers use the Access-Control-Allow-Origin header to tell the browser which domains are allowed to make requests. In the scenario provided, the error message is likely occurring because the API Gateway API endpoint used by the static website is not configured to allow www.example.com as an origin for requests.
upvoted 8 times
...
duriselvan
Most Recent 1 year ago
C : ans https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html
upvoted 3 times
...
career360guru
1 year, 1 month ago
Selected Answer: C
Option C
upvoted 1 times
...
severlight
1 year, 1 month ago
Selected Answer: C
we call API Gateway endpoint from a different origin, API Gateway should be able to verify that request comes from the verified origin, hence you should enable CORS in API Gateway and add your website origin to the list of verified origins.
upvoted 4 times
...
ggrodskiy
1 year, 5 months ago
Correct C.
upvoted 1 times
...
rrrrrrrrrr1
1 year, 5 months ago
I guess it can't be D because lambda doesn't have a Cors setting. However, there are use-cases where you need to return the cors header inside the lambda return. "Configure your REST API integrations to return the required CORS headers Configure your backend AWS Lambda function or HTTP server to send the required CORS headers in its response. Keep in mind the following:"
upvoted 2 times
...
NikkyDicky
1 year, 5 months ago
Selected Answer: C
eaasy C
upvoted 1 times
...
javitech83
1 year, 6 months ago
Selected Answer: C
C is correct
upvoted 1 times
...
SmileyCloud
1 year, 6 months ago
Selected Answer: C
C - use case -> https://repost.aws/knowledge-center/api-gateway-cors-errors
upvoted 3 times
...
Alabi
1 year, 6 months ago
Selected Answer: C
In this case, when the registration form on the static website (hosted on Amazon S3) is submitted and makes a request to the API Gateway API endpoint, a CORS error occurs. This error indicates that the API response lacks the appropriate Access-Control-Allow-Origin header, which specifies the allowed origin domains for the response.
upvoted 4 times
...
Maria2023
1 year, 6 months ago
Selected Answer: A
I vote for A since I was not able for find an option to configure CORS on API gateway plus this information https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/cors.html
upvoted 1 times
javitech83
1 year, 6 months ago
yes you can Choose the API: Choose the "Resources" option in the API Gateway console. In the "Resources" pane, choose the resource you want to enable CORS for. Choose "Actions" -> "Enable CORS". C is correct
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel