What should the company do to meet these requirements?

By:
On:
In: DVA-C01
Tagged:
With: 0 Comments
A global company has a mobile app with static data stored in an Amazon S3 bucket in the us-east-1 Region.The company serves the content through an AmazonCloudFront distribution.The company is launching the mobile app in South Africa.The data must reside in the af-south-1 Region.The company does not want to deploy a specific mobile client for South Africa.

What should the company do to meet these requirements?

Use the CloudFront geographic restriction feature to block access to users in South Africa.

Create a Lambda@Edge function. Associate the Lambda@Edge function as an origin request trigger with the CloudFront distribution to change the S3 origin Region.

Create a Lambda@Edge function. Associate the Lambda@Edge function as a viewer response trigger with the CloudFront distribution to change the S3 origin Region.

Include af-south-1 in the alternate domain name (CNAME) of the CloudFront distribution.

Explanations:

The geographic restriction feature in CloudFront blocks or allows access based on geographic locations. It does not change the S3 origin region or move data to another region.

Creating a Lambda@Edge function as an origin request trigger allows for the modification of the CloudFront origin region. This can ensure the S3 bucket is accessed from the af-south-1 region instead of us-east-1.

A viewer response trigger happens after CloudFront responds to the viewer’s request, which would not allow changing the S3 origin region. The origin request trigger is the correct location for this modification.

Including af-south-1 in the alternate domain name (CNAME) of the CloudFront distribution does not affect the region of the S3 bucket. CNAMEs are used for domain mapping, not for changing the region of data storage.

Leave a Reply

Your email address will not be published. Required fields are marked *

6 + thirteen =