ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 382 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 382
Topic #: 1
[All AWS Certified Developer Associate Questions]

A developer is creating a photo website. Amazon Route 53 hosts the website’s domain. The developer wants to store the application code and images in an Amazon S3 bucket. The developer also wants to use Amazon CloudFront to deliver the images to users.

The developer has created the S3 bucket and a CloudFront distribution. The developer wants the images to be accessed only through the website’s domain. Users must not use the S3 URLs.

Which solution will meet these requirements?

  • A. Create a CloudFront origin access identity (OAI). Associate the OAI with the CloudFront distribution. Modify the S3 bucket policy to allow access from only the OAI. Create an alias in Route 53 that points the website domain to the S3 bucket.
  • B. Create a CloudFront origin access identity (OAI). Associate the OAI with the CloudFront distribution. Modify the S3 bucket policy to allow access from only the OAI. Update the Route 53 records to point the website domain to the CloudFront domain name.
  • C. Block public access in the S3 bucket policy. Configure CloudFront to use the S3 bucket endpoint. Create an alias in Route 53 that points the website domain to the S3 bucket.
  • D. Block public access in the S3 bucket policy. Configure CloudFront to use the S3 bucket endpoint. Create an alias in Route 53 that points the website domain to the CloudFront domain name.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Phinx at Jan. 22, 2023, 6:45 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
hcsaba1982
1 year, 5 months ago
Selected Answer: A
I believe this is A. The A record in SOA can be just IP address, domain name is not possible, so it cannot be B. As I see for Cloudfront an Alias configuration is required : "Important : You must create an Alias record for the CloudFront distribution to work." https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html
upvoted 1 times
...
pancman
2 years, 1 month ago
Selected Answer: B
B is correct
upvoted 2 times
...
JagpreetLM10
2 years, 3 months ago
AAAAAA
upvoted 1 times
JagpreetLM10
2 years, 3 months ago
B . Create a CloudFront origin access identity (OAI). Associate the OAI with the CloudFront distribution. Modify the S3 bucket policy to allow access from only the OAI. Update the Route 53 records to point the website domain to the CloudFront domain name. This solution meets the requirements because creating an OAI and associating it with the CloudFront distribution will restrict access to the S3 bucket to only CloudFront. Modifying the S3 bucket policy to allow access from only the OAI will prevent direct access to the S3 bucket. Updating the Route 53 records to point the website domain to the CloudFront domain name will ensure that users can only access the images through the website's domain.
upvoted 6 times
...
...
KT_Yu
2 years, 3 months ago
Selected Answer: B
B I guess
upvoted 3 times
...
Phinx
2 years, 3 months ago
Selected Answer: B
B is the way to go.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago