Question #830
A company is developing a serverless application using AWS Lambda. Each customer must have a customizable request limit that resets daily, with some customers allowed higher limits during peak hours. The solution must enforce accurate per-customer limits while accommodating varying usage patterns.
Which solution meets these requirements?
A. Deploy an Amazon API Gateway REST API integrated with Lambda. Assign each customer a usage plan with a daily quota and adjustable rate limits. Generate API keys linked to their respective usage plans for authentication and quota enforcement.
B. Use Amazon API Gateway HTTP API with Lambda integration. Configure route-specific throttling limits and attach usage plans with API keys. Assign each customer a unique API key tied to their throttling settings.
C. Create Lambda aliases with provisioned concurrency for each customer. Distribute unique Lambda function URLs for each alias, applying concurrency limits as the daily request quota. Share URLs with relevant customers.
D. Set up an Application Load Balancer (ALB) with Lambda as a target. Use AWS WAF rate-based rules linked to each customer's IP range to enforce request quotas. Configure rules to reset limits daily.
Explanation
Answer A is correct because:
1. Usage Plans & Daily Quotas: API Gateway REST API usage plans enable per-customer daily request quotas that reset automatically every 24 hours.
2. Adjustable Rate Limits: Rate limits can be customized (e.g., higher during peak hours) per usage plan.
3. API Key Authentication: Each customer is assigned a unique API key linked to their usage plan, ensuring their specific limits are enforced.
Why other options are incorrect:
- B: HTTP API does not support usage plans; throttling is route-wide, not per-customer.
- C: Lambda concurrency limits do not track daily request counts or reset quotas.
- D: AWS WAF rate-based rules reset every 5 minutes, not daily, and IP-based tracking is unreliable.
Key Points:
- Use API Gateway REST API + usage plans for customizable per-customer daily quotas.
- API keys enforce authentication and link to usage plans.
- Rate limits and quotas reset daily by default in usage plans.
Answer
The correct answer is: A
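The usage plan, API key, and peak-hour rate limit from option A can be sketched with boto3 as follows. This is an added example, not part of the original question: the customer names, limits, peak window and function names are constructed, `client` is assumed to be `boto3.client("apigateway")`, and raising the throttle by a scheduled `update_usage_plan` call is one assumed way to handle peak hours.

```python
# Added example: per-customer usage plans for an API Gateway REST API.
# Customer names, limits and the peak window are constructed sample values.
CUSTOMERS = {
    "acme": {"daily_quota": 10000, "rate": 50, "burst": 100,
             "peak_rate": 200, "peak_burst": 400},
    "globex": {"daily_quota": 1000, "rate": 5, "burst": 10},  # no peak uplift
}
PEAK_HOURS = range(9, 18)  # assumed peak window, 09:00-17:59 UTC


def create_plan_args(name, cfg, api_id, stage):
    """Keyword arguments for apigateway.create_usage_plan()."""
    return {
        "name": f"plan-{name}",
        "apiStages": [{"apiId": api_id, "stage": stage}],
        # Steady-state requests per second and token-bucket burst size.
        "throttle": {"rateLimit": float(cfg["rate"]), "burstLimit": cfg["burst"]},
        # Request count allowed per period; DAY gives the daily quota.
        "quota": {"limit": cfg["daily_quota"], "period": "DAY"},
    }


def throttle_patch_ops(cfg, hour_utc):
    """patchOperations for update_usage_plan() matching the hour of day."""
    peak = hour_utc in PEAK_HOURS and "peak_rate" in cfg
    rate = cfg["peak_rate"] if peak else cfg["rate"]
    burst = cfg["peak_burst"] if peak else cfg["burst"]
    return [
        {"op": "replace", "path": "/throttle/rateLimit", "value": str(rate)},
        {"op": "replace", "path": "/throttle/burstLimit", "value": str(burst)},
    ]


def provision(client, name, cfg, api_id, stage):
    """Create one customer's plan and key, then link the key to the plan."""
    plan = client.create_usage_plan(**create_plan_args(name, cfg, api_id, stage))
    key = client.create_api_key(name=f"key-{name}", enabled=True)
    client.create_usage_plan_key(
        usagePlanId=plan["id"], keyId=key["id"], keyType="API_KEY"
    )
    return plan["id"], key["id"]
```

The plan is only enforced on methods that have the API key requirement enabled; a method without it accepts requests that carry no key and counts them against no quota.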