Question #1258
A solutions architect is designing a microservice that must be accessible via HTTPS and authenticate requests using AWS IAM. The microservice is implemented as a single AWS Lambda function written in Java 17. Which deployment method is the MOST operationally efficient?
Create a Lambda function URL with AWS_IAM as the authentication type.
Create an Amazon API Gateway HTTP API configured with IAM authorization and integrate it with the Lambda function.
Deploy the Lambda function using Lambda@Edge within an Amazon CloudFront distribution, integrating IAM authentication in the function code.
Use an Amazon CloudFront distribution with CloudFront Functions, specifying AWS_IAM authentication for the function.
Explanation
Option A is correct because Amazon API Gateway HTTP API is designed to handle HTTPS and IAM authentication natively. It integrates seamlessly with Lambda, allowing the function to focus on business logic without managing authentication. API Gateway also provides additional features like throttling, caching, and monitoring, which enhance operational efficiency.
Option B (Lambda function URL) supports IAM auth and HTTPS but is less scalable for microservices requiring API management features. Option C (Lambda@Edge) requires custom IAM auth code, adding complexity, and may not support Java 17. Option D (CloudFront Functions) is invalid as it doesn't support Java. API Gateway remains the best practice for operational efficiency, scalability, and integration with AWS services.
Answer
The correct answer is: A