A company operates a web server on the AWS Cloud and utilizes an Amazon S3 bucket to store its web content. To enhance content delivery speed and security, the company plans to deploy an Amazon CloudFront distribution. It is crucial that the content stored in the S3 bucket remains inaccessible to the public directly. What measures should be taken to ensure that the CloudFront distribution is the only entity able to access the S3 bucket content while maintaining security and performance?

Exam-Like

Configure the permissions on the individual files in the S3 bucket so that only the CloudFront distribution has access to them.

0.0%

Create an origin access control (OAC). Associate the OAC with the CloudFront distribution. Configure the S3 bucket permissions so that only the OAC can access the files in the S3 bucket.

66.7%

Create an S3 role in AWS Identity and Access Management (IAM). Allow only the CloudFront distribution to assume the role to access the files in the S3 bucket.

0.0%

Create an S3 bucket policy that uses only the CloudFront distribution ID as the principal and the Amazon Resource Name (ARN) as the target.

33.3%

AWS Certified Security - Specialty

Get started today

Comments