SAP-C02: Resolving CORS Errors in AWS API Gateway and Lambda

Learn how to troubleshoot and resolve cross-origin resource sharing (CORS) errors in AWS API Gateway and Lambda functions for a secure and efficient web application.

Question

A company runs an unauthenticated static website (www.example.com) that includes a registration form for users. The website uses Amazon S3 for hosting and uses Amazon CloudFront as the content delivery network with AWS WAF configured. When the registration form is submitted, the website calls an Amazon API Gateway API endpoint that invokes an AWS Lambda function to process the payload and forward the payload to an external API call.

During testing, a solutions architect encounters a cross-origin resource sharing (CORS) error. The solutions architect confirms that the CloudFront distribution origin has the Access-Control-Allow-Origin header set to www.example.com.

What should the solutions architect do to resolve the error?

A. Change the CORS configuration on the S3 bucket. Add rules for CORS to the AllowedOrigin element for www.example.com.
B. Enable the CORS setting in AWS WAF. Create a web ACL rule in which the Access-Control-Allow-Origin header is set to www.example.com.
C. Enable the CORS setting on the API Gateway API endpoint. Ensure that the API endpoint is configured to return all responses that have the Access-Control-Allow-Origin header set to www.example.com.
D. Enable the CORS setting on the Lambda function. Ensure that the return code of the function has the Access-Control-Allow-Origin header set to www.example.com.

Answer

C. Enable the CORS setting on the API Gateway API endpoint. Ensure that the API endpoint is configured to return all responses that have the Access-Control-Allow-Origin header set to www.example.com.

Explanation

When a web page makes an AJAX request to a domain other than the one that served the page, the browser treats it as a cross-origin request and asks the server whether that request is permitted. The server must respond with the Access-Control-Allow-Origin header set to the domain that made the request. In this case, that domain is www.example.com, and the server being called is the API Gateway API endpoint.

Option A is incorrect because changing the CORS configuration on the S3 bucket will not help with the CORS error on the API Gateway API endpoint.

Option B is incorrect because enabling CORS in AWS WAF will not help with the CORS error on the API Gateway API endpoint.

Option D is incorrect because the Lambda function is not involved in the CORS request.
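The requirement in option C that all responses carry the header can be checked with a simplified model of the browser's CORS decision for non-credentialed requests. This is an added example, not code from the original page or from AWS. It assumes the site origin is https://www.example.com, and the /register path and every sample response are constructed for illustration.

```javascript
// Added example: simplified browser CORS check, run over constructed API responses.
const SITE_ORIGIN = "https://www.example.com"; // assumption: the site is served over HTTPS

// Header names are case-insensitive, so look them up without regard to case.
function header(headers, name) {
  const key = Object.keys(headers).find((k) => k.toLowerCase() === name.toLowerCase());
  return key === undefined ? undefined : headers[key].trim();
}

// True when the browser would expose the response to a page loaded from `origin`.
function originAllowed(origin, headers) {
  const acao = header(headers, "Access-Control-Allow-Origin");
  return acao === "*" || acao === origin; // exact match on the full origin, scheme included
}

// True when a preflight (OPTIONS) response permits the method and request headers.
function preflightAllowed(origin, r) {
  if (r.status < 200 || r.status > 299 || !originAllowed(origin, r.headers)) return false;
  const list = (n) => (header(r.headers, n) || "").split(",").map((s) => s.trim().toLowerCase());
  const methods = list("Access-Control-Allow-Methods");
  const allowed = list("Access-Control-Allow-Headers");
  const methodOk = ["get", "head", "post"].includes(r.method.toLowerCase()) ||
    methods.includes(r.method.toLowerCase()) || methods.includes("*");
  return methodOk && r.requestHeaders.every((h) => allowed.includes(h.toLowerCase()) || allowed.includes("*"));
}

// Labels of the responses the browser would block for `origin`.
function auditResponses(origin, responses) {
  return responses
    .filter((r) => (r.kind === "preflight" ? !preflightAllowed(origin, r) : !originAllowed(origin, r.headers)))
    .map((r) => r.label);
}

// Constructed sample: one preflight, one success, and two error responses.
const SAMPLE_RESPONSES = [
  { label: "OPTIONS /register 204", kind: "preflight", status: 204, method: "POST",
    requestHeaders: ["content-type"],
    headers: { "Access-Control-Allow-Origin": SITE_ORIGIN,
               "Access-Control-Allow-Methods": "POST,OPTIONS",
               "Access-Control-Allow-Headers": "Content-Type" } },
  { label: "POST /register 200", kind: "actual", status: 200,
    headers: { "access-control-allow-origin": SITE_ORIGIN } },
  { label: "POST /register 400", kind: "actual", status: 400, headers: {} },
  { label: "POST /register 502", kind: "actual", status: 502,
    headers: { "Access-Control-Allow-Origin": "https://example.com" } },
];

console.log(auditResponses(SITE_ORIGIN, SAMPLE_RESPONSES));
```

The two error responses are reported as blocked: one has no Access-Control-Allow-Origin header and the other names a different origin, so the page's script could not read either error body.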
