AWS Certified Solutions Architect - Associate
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
For a file-sharing application using Amazon S3 and Amazon CloudFront, how should a solutions architect configure access to prevent direct S3 URL access while allowing CloudFront to serve files?
A
Implement bucket policies granting CloudFront-specific read access.
B
Create an IAM user with S3 read permissions and integrate with CloudFront.
C
Utilize a bucket policy with CloudFront's distribution ID as the Principal and the S3 bucket ARN.
D
Generate an origin access identity, apply it to CloudFront, and restrict S3 bucket permissions to the identity only.