Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 625 discussion

Geolocation routing policy — Use when you want to route traffic based on the location of users. Geo-proximity routing policy — Use when you want to route traffic based on the location of your resources and optionally switch resource traffic at one location to resources elsewhere.

"You can also use geolocation routing to restrict distribution of content to only the locations in which you have distribution rights" Link: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-geo.html

A is incorrect, what is config cloudfront with waf? should be WAF geo match statement only

When you use geolocation routing, you can localize your content and present some or all of your website in the language of your users. You can also use geolocation routing to restrict distribution of content to only the locations in which you have distribution rights. Another possible use is for balancing load across endpoints in a predictable, easy-to-manage way, so that each user location is consistently routed to the same endpoint.

"Restrict the geographic distribution of your content You can use geographic restrictions, sometimes known as geo blocking, to prevent users in specific geographic locations from accessing content that you're distributing through an Amazon CloudFront distribution." https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html

Check line 6 on this documentation. ...You can also use geolocation routing to restrict distribution of content to only the locations in which you have distribution rights. https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-geo.html

Route 53 can only restrict for geolocation users in this case, it's not for contents. I vote for "A".

Answer is A.

I vote for A

. Configure Amazon Route 53 with a geolocation policy. By configuring Amazon Route 53 with a geolocation policy, the solutions architect can direct users to different Application Load Balancers based on their geographical location. This allows the company to serve the correct content to users in different regions without violating distribution rights. Geolocation routing policies enable you to route traffic based on the geographic location of your users, ensuring that users are directed to the nearest or most appropriate endpoint based on their location. This solution is suitable for scenarios where content distribution rights vary by region and need to be enforced accordingly.

I think it's A

WAF for filtering web traffic based on rules. In this case it may be IP address, geolocation, region. CloudFront for global distribution. B: Just balances and does not filter CD: Connects the user to the NEAREST server which is not same as AUTHORISED content

distributions + restriction of content deleivery target = A

We want to restrict access by country. People in Spain are allowed to access certain content while people in Portugal are not. A Route 53 geolocation policy that returns the "nearest" endpoint will not help, because a) the "nearest" endpoint could be identical for multiple countries with different distribution rights and b) it could easily be bypassed.

AWS CloudFront supports geographic restrictions, also known as geo-blocking, which can be used to control the distribution of your content based on the geographic location of your viewers. You can use the CloudFront geographic restrictions feature to either grant permission to your users to access your content only if they’re in one of the approved countries on your allowlist, or prevent your users from accessing your content if they’re in one of the banned countries on your denylist. For example, if a request comes from a country where you are not authorized to distribute your content, you can use CloudFront geographic restrictions to block the request.

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-geo.html

https://repost.aws/knowledge-center/cloudfront-geo-restriction