ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified SysOps Administrator - Associate All Questions

View all questions & answers for the AWS Certified SysOps Administrator - Associate exam
Go to Exam

Exam AWS Certified SysOps Administrator - Associate topic 1 question 292 discussion

Exam question from Amazon's AWS Certified SysOps Administrator - Associate
Question #: 292
Topic #: 1
[All AWS Certified SysOps Administrator - Associate Questions]

A SysOps administrator needs to configure an Amazon S3 bucket to host a web application. The SysOps administrator has created the S3 bucket and has copied the static files for the web application to the S3 bucket.

The company has a policy that all $3 buckets must not be public.

What should the SysOps administrator do to meet these requirements?

  • A. Create an Amazon CloudFront distribution. Configure the S3 bucket as an origin with an origin access identity (OAI). Give the OAI the s3:GetObject permission in the S3 bucket policy.
  • B. Configure static website hosting in the S3 bucket. Use Amazon Route 53 to create a DNS CNAME to point to the S3 website endpoint.
  • C. Create an Application Load Balancer (ALB). Change the protocol to HTTPS in the ALB listener configuration. Forward the traffic to the S3 bucket.
  • D. Create an accelerator in AWS Global Accelerator. Set up a listener configuration for port 443. Set the endpoint type to forward the traffic to the S3 bucket.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by hexie at May 5, 2023, 9:42 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kondratyevmn
Highly Voted 1 year, 7 months ago
Selected Answer: A
A - Option A is the best fit.
upvoted 6 times
...
abitwrong
Most Recent 7 months, 2 weeks ago
Selected Answer: A
"If you don't want to disable block public access settings for your bucket but you still want your website to be public, you can create a Amazon CloudFront distribution to serve your static website." https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteAccessPermissionsReqd.html
upvoted 1 times
...
r2c3po
1 year ago
Selected Answer: B
Options A, C, and D involve additional services (CloudFront, Application Load Balancer, and AWS Global Accelerator), but they may introduce unnecessary complexity for a static web application. Option B is a simpler and more direct solution for hosting static websites in S3.
upvoted 1 times
null0xAF
10 months, 4 weeks ago
B makes no sense since Route 53 will point to a bucket that does not have public permissions. . . Answer is A because you can create OAI and set s3 bucket as origin for CloudFront, and have the Bucket completely blocked publicly
upvoted 4 times
...
...
hexie
1 year, 7 months ago
A. If it was an Alias record instead of CNAME, would be an option as well. Others just doesnt make sense at all.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel