ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 974 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 974
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A company hosts an application on AWS. The application gives users the ability to upload photos and store the photos in an Amazon S3 bucket. The company wants to use Amazon CloudFront and a custom domain name to upload the photo files to the S3 bucket in the eu-west-1 Region.

Which solution will meet these requirements? (Choose two.)

  • A. Use AWS Certificate Manager (ACM) to create a public certificate in the us-east-1 Region. Use the certificate in CloudFront.
  • B. Use AWS Certificate Manager (ACM) to create a public certificate in eu-west-1. Use the certificate in CloudFront.
  • C. Configure Amazon S3 to allow uploads from CloudFront. Configure S3 Transfer Acceleration.
  • D. Configure Amazon S3 to allow uploads from CloudFront origin access control (OAC).
  • E. Configure Amazon S3 to allow uploads from CloudFront. Configure an Amazon S3 website endpoint.
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by JunsK1e at Aug. 3, 2024, 11:33 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JoeTromundo
Highly Voted 7 months ago
Selected Answer: AD
Amazon CloudFront requires an SSL/TLS certificate to use HTTPS with a custom domain name. This certificate MUST be provisioned in the us-east-1 Region, regardless of where your content is hosted. This is because CloudFront only supports certificates in the us-east-1 Region for use with custom domain names. Origin Access Control (OAC) is a feature that allows you to securely upload content to an S3 bucket using CloudFront. It provides fine-grained access control and ensures that only CloudFront can upload files to the S3 bucket, preventing direct access. Configuring S3 to allow uploads from CloudFront using OAC ensures that only CloudFront can interact with the S3 bucket, adding an extra layer of security.
upvoted 9 times
...
George1990
Highly Voted 8 months, 3 weeks ago
Correct is BD
upvoted 6 times
...
yangbo
Most Recent 1 month, 3 weeks ago
Selected Answer: AC
OAC do not support uploads from CloudFront to the S3 bucket.
upvoted 1 times
...
TicDcNess
7 months ago
AWS Region for AWS Certificate Manager To use a certificate in AWS Certificate Manager (ACM) to require HTTPS between viewers and CloudFront, make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1)
upvoted 2 times
...
rpmaws
7 months, 2 weeks ago
Selected Answer: AD
cloud front require all SSL certificate to be in us-east region regardless the origin location of the site server.
upvoted 2 times
...
[Removed]
8 months, 1 week ago
Selected Answer: AD
AD looks correct
upvoted 3 times
...
dhewa
8 months, 1 week ago
Selected Answer: AD
A. Use AWS Certificate Manager (ACM) to create a public certificate in the us-east-1 Region. Use the certificate in CloudFront: CloudFront requires the certificate to be in the us-east-1 Region for custom domain names. D. Configure Amazon S3 to allow uploads from CloudFront origin access control (OAC): This ensures secure uploads from CloudFront to the S3 bucket.
upvoted 3 times
...
[Removed]
8 months, 1 week ago
Selected Answer: AD
A. Use AWS Certificate Manager (ACM) to create a public certificate in the us-east-1 Region. Use the certificate in CloudFront. CloudFront requires that the SSL/TLS certificate for the custom domain be created in the us-east-1 Region (N. Virginia). Even if your S3 bucket is in another region, the certificate must be in us-east-1 because CloudFront is a global service and this region is where CloudFront looks for certificates. D. Configure Amazon S3 to allow uploads from CloudFront origin access control (OAC). Configuring S3 to allow uploads from CloudFront using Origin Access Control (OAC) ensures that only CloudFront can interact with your S3 bucket, improving security by preventing direct access to the bucket from the public internet.
upvoted 3 times
...
komorebi
8 months, 4 weeks ago
Selected Answer: AD
Answer is AD
upvoted 4 times
...
JunsK1e
8 months, 4 weeks ago
Selected Answer: BD
BD correct answer
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago