SOA-C02 · Question #4
SOA-C02 Question #4: Real Exam Question with Answer & Explanation
The correct answer is D: Origin access identity (OAI). You can restrict access to a S3 bucket from a single CloudFront distribution by using a origin access identity (OAI). This way, the bucket and its object can only be accessed through that OAI.
Question
A SysOps administrator has an Amazon S3 website and wants to restrict access to a single Amazon CloudFront distribution. Visitors to the website should not be able to circumvent CloudFront or view the S3 website directly from the bucket. Which AWS service or feature will meet these requirements?
Options
- AS3 bucket ACL
- BAWS Firewall Manager
- CAmazon Route 53 private hosted zone
- DOrigin access identity (OAI)
Explanation
You can restrict access to a S3 bucket from a single CloudFront distribution by using a origin access identity (OAI). This way, the bucket and its object can only be accessed through that OAI.
Community Discussion
No community discussion yet for this question.