Your team is developing an API that they want to host using the AWS API gateway service. They don’t want to allow anonymous access and want to have an authentication mechanism in place. Which of the following can be used for authentication purposes for the API gateway? Choose 3 answers from the options given below.

Answer options:

A.Lambda authorizers
B.AWS Cognito
C.API keys
D.User names and passwords

Answer – A, B and C
The AWS Documentation mentions the following.
API Gateway supports multiple mechanisms for controlling access to your API.
Resource policies let you create resource-based policies to allow or deny access to your APIs and methods from the specified source IP addresses or VPC endpoints.
Standard AWS IAM roles and policies offer flexible and robust access controls that can be applied to an entire API or individual methods.
Cross-origin resource sharing (CORS) lets you control how your API responds to cross-domain resource requests.
Lambda authorizers are Lambda functions that control access to your API methods using bearer token authentication as well as information described by headers, paths, query strings, stage variables, or context variables request parameters.
Amazon Cognito user pools let you create customizable authentication and authorization solutions.
Client-side SSL certificates can be used to verify that HTTP requests to your backend system are from API Gateway.
Usage plans let you provide API keys to your customers — and then track and limit the usage of your API stages and methods for each API key.
For more information on controlling access to the API, please refer to the below URL-
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-to-api.html