A company has recently launched a media application that leverages an Amazon CloudFront distribution. This distribution is configured to access an S3 bucket through an origin access identity (OAI). The S3 bucket is explicitly set to deny access to any users other than those permitted via the OAI. The developer aims to permit unauthenticated users to access the application's login page while concurrently maintaining stringent security controls for all private content that requires restricted viewer access.

What would you recommend in this scenario?

Exam-Like

Configure a new distribution having the same origin as the original distribution and set the path pattern for the default cache behavior of the new distribution as the path of the login page with viewer access as unrestricted. Keep the default cache behavior of the original distribution unchanged

14.3%

Configure a second cache behavior to the distribution having the same origin as the default cache behavior and have the path pattern for the second cache behavior as * with viewer access as restricted. Modify the default cache behavior’s path pattern to the path of the login page and have the viewer access as unrestricted*

14.3%

Configure a second cache behavior to the distribution having the same origin as the default cache behavior and have the path pattern for the second cache behavior as the path of the login page with viewer access as unrestricted. Keep the default cache behavior’s settings unchanged

71.4%

Configure a second origin as the failover origin for the default behavior of the original distribution and have the path pattern for the second origin as the path of the login page with viewer access as unrestricted. Keep the behavior for the primary origin unchanged

0.0%

AWS Certified Developer - Associate

Comments

Get started today