A Company Is Running a Number of Internet-Facing APIs That

A company is running a number of internet-facing APIs that use an AWS Lambda authorizer to control access. A security team wants to be alerted when a large number of requests are failing authorization, as this may indicate API abuse. Given the magnitude of API requests, the team wants to be alerted only if the number of HTTP 403 Forbidden responses goes above 2% of overall API calls. Which solution will accomplish this?

A) Use the default Amazon API Gateway 403Error and Count metrics sent to Amazon CloudWatch, and use metric math to create a CloudWatch alarm. Use the (403Error/Count) *100 mathematical expression when defining the alarm. Set the alarm threshold to be greater than 2.
B) Write a Lambda function that fetches the default Amazon API Gateway 403Error and Count metrics sent to Amazon CloudWatch, calculate the percentage of errors, then push a custom metric to CloudWatch named Custorn403Percent. Create a CloudWatch alarm based on this custom metric. Set the alarm threshold to be greater than 2.
C) Configure Amazon API Gateway to send custom access logs to Amazon CloudWatch Logs. Create a log filter to produce a custom metric for the HTTP 403 response code named Custom403Error. Use this custom metric and the default API Gateway Count metric sent to CloudWatch, and use metric match to create a CloudWatch alarm. Use the (Custom403Error/Count) *100 mathematical expression when defining the alarm. Set the alarm threshold to be greater than 2.
D) Configure Amazon API Gateway to enable custom Amazon CloudWatch metrics, enable the ALL_STATUS_CODE option, and define an APICustom prefix. Use CloudWatch metric math to create a CloudWatch alarm. Use the (APICustom403Error/Count) *100 mathematical expression when defining the alarm. Set the alarm threshold to be greater than 2.

Correct Answer:

Verified

Unlock this answer now
Get Access to more Verified Answers free of charge

Access For Free