Explanation:
An Origin Access Identity (OAI) (or Origin Access Control - OAC) is used to restrict direct access to an Amazon S3 bucket so that users can only access the content through a specified Amazon CloudFront distribution. This ensures that users cannot bypass CloudFront to view S3 objects directly.
Ultimate access to all questions.
Question 38
A SysOps administrator has an Amazon S3 website and wants to restrict access to a single Amazon CloudFront distribution. Visitors to the website should not be able to circumvent CloudFront or view the S3 website directly from the bucket. Which AWS service or feature will meet these requirements?
A
S3 bucket ACL
B
AWS Firewall Manager
C
Amazon Route 53 private hosted zone
D
Origin access identity (OAI)
No comments yet.