Which combination of steps should the developer take to meet these requirements?
(Choose two.)
Use a token-based Lambda authorizer.
Use a request parameter-based Lambda authorizer.
Configure an integration request mapping template to reference the context map from the APIGateway Lambda authorizer.
Configure an integration request mapping template to reference the identity API key value from the API Gateway Lambda authorizer.
Use VPC endpoint policies for the WebSocket APIs.
Explanations:
A token-based Lambda authorizer enables the caching of tokens, reducing the need for repeated verification of credentials on each request. This supports performance optimization and access control.
A request parameter-based Lambda authorizer would focus on parsing parameters from the WebSocket request itself. However, it doesn’t directly contribute to credential caching or the efficient management of tokens.
Configuring an integration request mapping template to reference the context map allows the Lambda authorizer’s decision (including the cached credentials) to be passed to the integration, reducing repeated authorization checks.
Referencing the identity API key in the integration request mapping template would not directly address credential caching. API keys are typically used for identifying the requester but not for efficient management of authorization tokens.
VPC endpoint policies control access to API Gateway from within a VPC but do not contribute to credential caching or token management in the context of a Lambda authorizer.
Based on what I know, the answer is:
Use a token-based Lambda authorizer.
From my point of view, the answer is:
Use a token-based Lambda authorizer.