1 / 1010%
Question 1 of 10
You manage an application, which distributes media to a global audience. The application historically used local instance storage to store the media content and an EC2 instance to serve it to customers. A previous SA rearchitected the solution to use S3 for static content hosting with a CloudFront distribution for global content delivery. You have been called into a meeting to address an urgent issue. It appears that customers can now access content without paying or being logged into the application. What ways can you suggest to address the issue (Choose 2)
AEnsure the instance is using an IAM role; configure the S3 bucket policy to only allow access from this role.
BConfigure a bucket policy and set Origin Access Identity (OAI)
CAdd Trusted signers to a CloudFront behaviour
DRestrict based on application user name and the user-passthrough authentication type on the CloudFront IDP setting
EIntegrate the CloudFront distribution with the application using web identity federation and Cognito