Answer-first summary for fast verification
Answer: Origin access identity (OAI)
Origin Access Identity (OAI) or OAC (Origin Access Control) allows CloudFront to access private S3 bucket while denying direct public access to S3. Bucket policy can restrict to only the OAI, ensuring only through CloudFront.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A SysOps administrator wants to restrict an S3 static website to be accessible only through a single CloudFront distribution. Which AWS service or feature meets this?
A
S3 bucket ACL
B
AWS Firewall Manager
C
Amazon Route 53 private hosted zone
D
Origin access identity (OAI)
No comments yet.