Topic 1 Question 260

AWS Certified Solutions Architect - Professional

Topic 1 Question 260
A company runs an unauthenticated static website (www.example.com) that includes a registration form for users. The website uses Amazon S3 for hosting and uses Amazon CloudFront as the content delivery network with AWS WAF configured. When the registration form is submitted, the website calls an Amazon API Gateway API endpoint that invokes an AWS Lambda function to process the payload and forward the payload to an external API call.

During testing, a solutions architect encounters a cross-origin resource sharing (CORS) error. The solutions architect confirms that the CloudFront distribution origin has the Access-Control-Allow-Origin header set to www.example.com.

What should the solutions architect do to resolve the error?
- Change the CORS configuration on the S3 bucket. Add rules for CORS to the AllowedOrigin element for www.example.com.
- Enable the CORS setting in AWS WAF. Create a web ACL rule in which the Access-Control-Allow-Origin header is set to www.example.com.
- Enable the CORS setting on the API Gateway API endpoint. Ensure that the API endpoint is configured to return all responses that have the Access-Control-Allow-Origin header set to www.example.com.
- Enable the CORS setting on the Lambda function. Ensure that the return code of the function has the Access-Control-Allow-Origin header set to www.example.com.
ユーザの投票
コメント(11)
- 正解だと思う選択肢: C
  Cross-Origin Resource Sharing (CORS) is a security measure that allows or denies scripts on webpages from making requests to a different domain than the one the script came from. The CORS policy is configured on the server side, and servers use the Access-Control-Allow-Origin header to tell the browser which domains are allowed to make requests.
  
  In the scenario provided, the error message is likely occurring because the API Gateway API endpoint used by the static website is not configured to allow www.example.com as an origin for requests.
  
  👍 5
  gd12023/06/24
- 正解だと思う選択肢: C
  In this case, when the registration form on the static website (hosted on Amazon S3) is submitted and makes a request to the API Gateway API endpoint, a CORS error occurs. This error indicates that the API response lacks the appropriate Access-Control-Allow-Origin header, which specifies the allowed origin domains for the response.
  
  👍 4
  Alabi2023/06/25
- 正解だと思う選択肢: C
  C - use case -> https://repost.aws/knowledge-center/api-gateway-cors-errors
  
  👍 2
  SmileyCloud2023/06/26
シャッフルモード

ユーザの投票

コメント(11)