Which solution will meet these requirements?
Use Amazon S3 to store the images. Turn on multi-factor authentication (MFA) and public bucket access. Provide customers with a link to the S3 bucket.
Use Amazon S3 to store the images. Create an IAM user for each customer. Add the users to a group that has permission to access the S3 bucket.
Use Amazon EC2 instances that are behind Application Load Balancers (ALBs) to store the images. Deploy the instances only in the countries the company services. Provide customers with links to the ALBs for their specific country’s instances.
Use Amazon S3 to store the images. Use Amazon CloudFront to distribute the images with geographic restrictions. Provide a signed URL for each customer to access the data in CloudFront.
Explanations:
Storing images in S3 and using MFA and public bucket access does not control access by country and would expose the images to anyone with the link. This solution lacks proper geographic restrictions and does not minimize costs.
Using IAM users for each customer does not solve the problem of restricting access by country and does not address performance concerns. This approach can lead to complex management and high overhead.
Using EC2 instances and ALBs is more expensive and complex than necessary. It also requires managing servers in different countries, which does not scale well for global access.
Using S3 with CloudFront and geographic restrictions is cost-effective, scalable, and meets the requirement of denying access from specific countries. CloudFront’s signed URLs can control access while distributing content efficiently.