A company’s web application consists of an Amazon API Gateway API in front of an AWS Lambda function and an Amazon DynamoDB database. The Lambda function handles the business logic, and the DynamoDB table hosts the data. The application uses Amazon Cognito user pools to identify the individual users of the application. A solutions architect needs to update the application so that only users who have a subscription can access premium content. Which solution will meet this requirement with the LEAST operational overhead?
AEnable API caching and throttling on the API Gateway API.
BSet up AWS WAF on the API Gateway API. Create a rule to filter users who have a subscription.
CApply fine-grained IAM permissions to the premium content in the DynamoDB table.
DImplement API usage plans and API keys to limit the access of users who do not have a subscription.