AWS Certified Developer Associate DVA-C02 Practice Question
When developing a cloud-based solution that exposes a set of HTTP endpoints to its users, which technique should a developer implement to ensure that each incoming request is both authenticated and authorized before granting access to the underlying resources?
Develop a bespoke authentication system within a Lambda function that generates and validates JSON Web Tokens before each service interaction.
Integrate Amazon API Gateway with a Lambda authorizer that checks OAuth tokens for client identity verification on each interaction.
Deploy AWS Security Token Service within the client’s scope to regularly assume an IAM role necessary for service interaction.
Configure the application to fetch and use static access credentials from AWS Systems Manager Parameter Store for each service request.