Ultimate access to all questions.
Answer-first summary for fast verification
Answer: Deploy an Amazon CloudFront distribution with the existing S3 bucket as the origin. Direct customer requests to the CloudFront URL. Switch to CloudFront signed URLs for access control.
## Explanation **Why Option B is correct:** 1. **Amazon CloudFront** is a Content Delivery Network (CDN) that caches content at edge locations worldwide, which is ideal for customers distributed across North America and Europe. 2. **Cost reduction**: CloudFront reduces data transfer costs by serving content from edge locations closer to users, minimizing the distance data travels from the S3 origin. 3. **Performance improvement**: CloudFront improves performance through edge caching, reducing latency for end users. 4. **Access control**: CloudFront signed URLs provide secure access control similar to S3 signed URLs, maintaining security while leveraging CloudFront's benefits. **Why other options are incorrect:** **Option A (S3 Transfer Acceleration):** - S3 Transfer Acceleration uses CloudFront's edge network but is designed for faster uploads to S3, not for content delivery to end users. - It doesn't provide caching capabilities, so each request would still need to travel to the S3 bucket in us-east-1. - Less cost-effective for content delivery compared to CloudFront. **Option C (S3 Cross-Region Replication):** - While this would reduce latency for European customers, it increases storage costs (duplicate data in two regions). - Requires managing two buckets and replication. - Doesn't leverage edge caching capabilities. - More complex to implement and maintain. **Option D (Application streaming):** - This would increase EC2 costs as the application servers would need to handle data transfer. - EC2 instances would become a bottleneck for large datasets. - Increases complexity and doesn't leverage AWS's content delivery capabilities. - EC2 data transfer costs are typically higher than CloudFront costs. **Key AWS Services Concepts:** - **CloudFront**: Global CDN with edge locations, caching, and signed URLs for secure content delivery. - **S3 Transfer Acceleration**: Optimizes uploads to S3 using CloudFront edge locations. - **S3 Cross-Region Replication**: Automatically replicates objects between buckets in different regions. - **Signed URLs**: Time-limited URLs that grant temporary access to private content. This solution provides the best combination of cost reduction, performance improvement, and secure access control for globally distributed users accessing large datasets.
Author: LeetQuiz Editorial Team
No comments yet.
A company sells datasets to customers who do research in artificial intelligence and machine learning (AI/ML). The datasets are large, formatted files that are stored in an Amazon S3 bucket in the us-east-1 Region. The company hosts a web application that the customers use to purchase access to a given dataset. The web application is deployed on multiple Amazon EC2 instances behind an Application Load Balancer. After a purchase is made, customers receive an S3 signed URL that allows access to the files.
The customers are distributed across North America and Europe. The company wants to reduce the cost that is associated with data transfers and wants to maintain or improve performance.
What should a solutions architect do to meet these requirements?
A
Configure S3 Transfer Acceleration on the existing S3 bucket. Direct customer requests to the S3 Transfer Acceleration endpoint. Continue to use S3 signed URLs for access control.
B
Deploy an Amazon CloudFront distribution with the existing S3 bucket as the origin. Direct customer requests to the CloudFront URL. Switch to CloudFront signed URLs for access control.
C
Set up a second S3 bucket in the eu-central-1 Region with S3 Cross-Region Replication between the buckets. Direct customer requests to the closest Region. Continue to use S3 signed URLs for access control.
D
Modify the web application to enable streaming of the datasets to end users. Configure the web application to read the data from the existing S3 bucket. Implement access control directly in the application.