Exam AWS Certified Developer Associate topic 1 question 6 discussion

Agreed with PVR that it's a typo. Option B changed to "us-east-1"

Part of me thinks there is a typo somewhere. To import an ACM into Cloudfront, the ACM needs to be in the us-east-1 region: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https-requirements.html#https-requirements-aws-region None of these answers make sense at the moment

A) Eliminated - ACM certificate must be created in the us-east-1 Region, not eu-west-1. B) Probably Typo in region name -If it is us-east-1. Then correct C) Eliminated - CloudFront is a global service, so its distributions are not tied to a specific region. D) Eliminated- The default root object specifies which file (e.g., index.html) is served when the user accesses the distribution's root URL. It has nothing to do with certificates or encryption.

B has a typo and should be changed to "us-east-1": https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https-requirements.html#https-requirements-aws-region

As of now, I think the question lost it's meaning, as there is 3 times 'eu-west-1' (including in answer B) mentioned. I think, the actual problem given in the question to resolve got lost.

It should be B with the typo that the region where the cert should be installed is us-east-1

Guys I read many times the questions and the answers but I can't find any correct answer. I'm voting B as long as in the answer we change "us-west-1" to "us-east-1" (also because it is wrtitten that the user already created the certificate in us-west-1 and it is not working. According to AWS, to install a certficate to a CloudFront distribution, you need to: - request or import a certificate to ACM - You must request the certificate in the US East (N. Virginia) Region (i.e. us-east-1) - have the rigth permissions - key length must be 1024 or 2048 bits and cannot exceed 2048 bits. (https://repost.aws/knowledge-center/install-ssl-cloudfront)

Guys I read many times the questions and the answers but I can't find any correct answer. I'm voting B

It should be B

It's B (typo ---> us -east-1). Explanation: To use an ACM certificate with Amazon CloudFront, you must request or import the certificate in the US East (N. Virginia) region. ACM certificates in this region that are associated with a CloudFront distribution are distributed to all the geographic locations configured for that distribution. Reference: https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html?opt_id=undefined

there's a typo here "To use an ACM certificate with CloudFront, you must request or import the certificate in the US East (N. Virginia) region."- https://docs.aws.amazon.com/acm/latest/userguide/acm-services.html

To add an alternate domain name (CNAME) to a CloudFront distribution, you must attach to your distribution a trusted, valid SSL/TLS certificate that covers the alternate domain name. This ensures that only people with access to your domain’s certificate can associate with CloudFront a CNAME related to your domain. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-requirements

Looks like the second option has a typo. If it were changed to us-east-1, then it would be correct answer.

Very Tricky question for me. I found this https://www.radishlogic.com/aws/cloudfront/how-to-solve-ssl-certificate-not-showing-in-aws-cloudfront/ but in the question already says that the certification in in the same region of cloudfront. I vote for c