Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 881 discussion

AE. By default, each file automatically expires after 24 hours, but you can change the default behavior in two ways: 1. To change the cache duration for all files that match the same path pattern, you can change the CloudFront settings for Minimum TTL, Maximum TTL, and Default TTL for a cache behavior. 2. To change the cache duration for an individual file, you can configure your origin to add a Cache-Control header with the max-age or s-maxage directive, or an Expires header to the file. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html#expiration-individual-objects

You simply can't have A and E in the same approach: "Default TTL applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, or Expires to objects." C - Cache-Control private directive specifies that the response is intended for a single user and should not be cached by shared caches - it can still be cached, but only on a client device. This combination of steps would provide the best solution for the case. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDefaultTTL

This question has gaps: B) Can not be done in relation to S3 catching, this is a CloudFront specific configuration C) Question does not make any comment in the sense of "private" objects... any asumption in that sense is your personal oppinion, not the question stating it D) Collisions with A, why would you do something like that programatically? E) Can not be because why would you put 24h when it is not requested, also why would you invalidate a deployment that is already TTL=0, everything is up to date in the caches with that config

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html#ExpirationDownloadDist

A - Setting the default TTL to 2 minutes allows CloudFront to cache content for a short period. B - TTL is not a concept applied directly to S3 buckets. TTL and caching behaviors are managed through Cache-Control headers and CloudFront settings. C - The *private directive* lets caching occur locally only, not in shared caches like CloudFront. D - Ensures content is served fresh by tightly controlling cache expiration, not even "a few minutes". E - Using a long Cache-Control max-age directive improves performance, while targeted CloudFront invalidations ensure that updated content is served immediately after deployment. This is common practice.

browser will always get cache-control value set by S3 not cloudfront. cloudfront will use parameter ttl override the cache-control header for decision time to cache on cloudfront. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html?utm_source=chatgpt.com#ExpirationDownloadDist

A - make browser to cache 2 minutes. after 2 minute browser will ask cloudfront E: cloudfront would not ask S3 for 24hour . invalidation will clearing this cacheing. so A+E is most effective.

#A - Set the CloudFront default TTL to 2 minutes: This directly controls how long content is cached at the CloudFront edge locations, allowing for a short caching window to meet the requirement of not serving stale content for more than a few minutes. #D - Create a Lambda@Edge function to add an Expires header: By using a Lambda@Edge function triggered on the "viewer response", you can dynamically set an Expires header with a precise expiration time on each request, ensuring fine-grained control over caching behavior.

A-C, Because A-E is not possible following this link: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDefaultTTL "Default TTL applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, or Expires to objects."

If the content still keep client's cache in 24h, its wrong (answer E)

If your minimum TTL is greater than 0, CloudFront uses the cache policy’s minimum TTL, even if the Cache-Control: no-cache, no-store, and/or private directives are present in the origin headers. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html

"However, the company also wants to ensure that stale content is not served for more than a few minutes after a deployment." After a deployment

Answer (AC) Per table on URL https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html#expiration-individual-objects answer E is incorrect because if we will change cache-control max-age to 24h it will means that customer browser will cache web for 24h and customer want to be sure that it will be not longer then few min. Expires header (answer D) from my understanding can be used only on full folder of web not as lambda function which will reply to customer reqeusts. We are setting Default TTL for CloudFront (answer A) not on S3 (answer B) and it will say CloudFront to cache web for 2min.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html#expiration-individual-objects https://stackoverflow.com/questions/43343759/confused-with-minimum-maximum-and-default-ttl-in-cloudfront

Since it don’t want to cache more than a minute, A cannot be an answer

Answer is AE , C would only be on the user browser and would not cache to the cloud front and would be useless

Add a Cache-Control Private Directive to Objects in Amazon S3 (Option C): By setting the Cache-Control header to private for objects in the S3 bucket, you control caching behavior. The private directive indicates that the content is intended for a single user and should not be cached by intermediate proxies or CDNs. This helps prevent stale content from being served to multiple users. Additionally, consider using other Cache-Control directives (e.g., max-age, no-cache, no-store) as needed.