Which solution will meet these requirements?
Create a second CloudFront distribution that has the secondary ALB as the default origin. Create Amazon Route 53 alias records that have a failover policy and Evaluate Target Health set to Yes for both CloudFront distributions. Update the application to use the new record set.
Create a new origin on the distribution for the secondary ALB. Create a new origin group. Set the original ALB as the primary origin. Configure the origin group to fail over for HTTP 5xx status codes. Update the default behavior to use the origin group.
Create Amazon Route 53 alias records that have a failover policy and Evaluate Target Health set to Yes for both ALBs. Set the TTL of both records to 0. Update the distribution’s origin to use the new record set.
Create a CloudFront function that detects HTTP 5xx status codes. Configure the function to return a 307 Temporary Redirect error response to the secondary ALB if the function detects 5xx status codes. Update the distribution’s default behavior to send origin responses to the function.
Explanations:
While Route 53 failover with alias records could manage traffic between two CloudFront distributions, using two separate distributions adds complexity and doesn’t support zero-second RTO.
CloudFront origin groups with failover can use the secondary ALB as a failover for the primary ALB in case of HTTP 5xx errors, achieving an automated zero-second RTO.
Route 53 alias records with zero TTL could route traffic, but since CloudFront is configured to use an ALB directly, a DNS-only solution wouldn’t meet the RTO requirements fully.
A CloudFront function can detect HTTP 5xx errors, but functions cannot redirect traffic to another ALB automatically, and this approach wouldn’t achieve the desired zero-second RTO.