A solutions architect must design a solution that uses Amazon CloudFront with an Amazon S3 origin to store a static website. The company's security policy requires that all website traffic be inspected by AWS WAF. How should the solutions architect comply with these requirements?
A) Configure an S3 bucket policy to accept requests coming from the AWS WAF Amazon Resource Name (ARN) only.
B) Configure Amazon CloudFront to forward all incoming requests to AWS WAF before requesting content from the S3 origin.
C) Configure a security group that allows Amazon CloudFront IP addresses to access Amazon S3 only. Associate AWS WAF to CloudFront.
D) Configure Amazon CloudFront and Amazon S3 to use an origin access identity (OAI) to restrict access to the S3 bucket. Enable AWS WAF on the distribution.
Correct Answer:
Verified
Q321: A company is building applications in containers.
Q322: A company's near-real-time streaming application is running
Q323: A company needs to comply with a
Q324: A company has a highly dynamic batch
Q325: A company's packaged application dynamically creates and
Q327: A company has media and application files
Q328: A solutions architect is designing a security
Q329: A company has a 10 Gbps AWS
Q330: A company is deploying a web portal.
Q331: A company uses Amazon Redshift for its
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents