A SAM application has an API Gateway HTTP API and Lambda functions. Authentication must validate a custom HTTP header and token by calling a legacy service that is not OpenID Connect or SAML. Which mechanism should the team use?
Multiple choice — select one answer
Answer choices
Architectural breakdown & explanation
A Lambda authorizer calls your existing auth service and returns an IAM policy for allow or deny.
Correct answer(s): b. Lambda authorizer
Exam domain: Domain 1: SDLC Automation (22% weight on the official guide).
Official documentation & study links
Practice this certification
This page is one question from the AWS Certified DevOps Engineer – Professional bank. Run a full timed practice exam with domain-weighted random questions in your browser.