What should a solutions architect do to meet these requirements?

By:
In: SAA-C03
Tagged:
With: 1 Comment
A company sells datasets to customers who do research in artificial intelligence and machine learning (AI/ML).The datasets are large, formatted files that are stored in an Amazon S3 bucket in the us-east-1 Region.The company hosts a web application that the customers use to purchase access to a given dataset.The web application is deployed on multiple Amazon EC2 instances behind an Application Load Balancer.After a purchase is made, customers receive an S3 signed URL that allows access to the files.The customers are distributed across North America and Europe.The company wants to reduce the cost that is associated with data transfers and wants to maintain or improve performance.

What should a solutions architect do to meet these requirements?

Configure S3 Transfer Acceleration on the existing S3 bucket. Direct customer requests to the S3 Transfer Acceleration endpoint. Continue to use S3 signed URLs for access control.

Deploy an Amazon CloudFront distribution with the existing S3 bucket as the origin. Direct customer requests to the CloudFront URL. Switch to CloudFront signed URLs for access control.

Set up a second S3 bucket in the eu-central-1 Region with S3 Cross-Region Replication between the buckets. Direct customer requests to the closest Region. Continue to use S3 signed URLs for access control.

Modify the web application to enable streaming of the datasets to end users. Configure the web application to read the data from the existing S3 bucket. Implement access control directly in the application.

Explanations:

While S3 Transfer Acceleration can improve upload and download speeds for customers far from the S3 bucket, it does not significantly reduce costs associated with data transfers compared to other options. Additionally, it requires customers to connect to the specific acceleration endpoint, which may not be as seamless as using CloudFront.

Deploying an Amazon CloudFront distribution in front of the existing S3 bucket can significantly reduce data transfer costs by leveraging edge locations that are closer to customers in North America and Europe. This not only improves performance due to reduced latency but also allows the use of CloudFront signed URLs for access control, maintaining security.

Setting up a second S3 bucket in the eu-central-1 Region with Cross-Region Replication increases complexity and costs due to the additional storage and data transfer charges between the two regions. This option does not inherently provide performance improvements since data is still accessed from S3, which may not be as efficient as using a CDN like CloudFront.

Modifying the web application to enable streaming from S3 would add unnecessary complexity and could lead to increased costs associated with data transfers. Furthermore, the performance improvements would likely be minimal compared to using a CDN like CloudFront, and access control would not be as efficient as using signed URLs from CloudFront.

2025-10-23

1 Comment

  1. Rachel
    Author

    I would say the answer is:
    Deploy an Amazon CloudFront distribution with the existing S3 bucket as the origin. Direct customer requests to the CloudFront URL. Switch to CloudFront signed URLs for access control.

Leave a Reply

Your email address will not be published. Required fields are marked *

4 × 3 =