Which solution will meet these requirements?

By:
On:
In: SAA-C03
Tagged:
With: 0 Comments
A company hosts an application on AWS.The application gives users the ability to upload photos and store the photos in an Amazon S3 bucket.The company wants to use Amazon CloudFront and a custom domain name to upload the photo files to the S3 bucket in the eu-west-1 Region.

Which solution will meet these requirements?

(Choose two.)

Use AWS Certificate Manager (ACM) to create a public certificate in the us-east-1 Region. Use the certificate in CloudFront.

Use AWS Certificate Manager (ACM) to create a public certificate in eu-west-1. Use the certificate in CloudFront.

Configure Amazon S3 to allow uploads from CloudFront. Configure S3 Transfer Acceleration.

Configure Amazon S3 to allow uploads from CloudFront origin access control (OAC).

Configure Amazon S3 to allow uploads from CloudFront. Configure an Amazon S3 website endpoint.

Explanations:

ACM certificates inus-east-1are required for CloudFront distributions using HTTPS, regardless of the S3 bucket’s region.

ACM certificates ineu-west-1cannot be used with CloudFront, as CloudFront requires certificates to be inus-east-1.

S3 Transfer Acceleration is for speeding up uploads globally but is not needed when using CloudFront, which already provides global caching.

CloudFront origin access control (OAC) is the recommended way to securely allow CloudFront to upload content directly to an S3 bucket.

An S3 website endpoint is for static website hosting and does not support secure uploads from CloudFront.

Leave a Reply

Your email address will not be published. Required fields are marked *

11 − 9 =