Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 63 Topic 7 Discussion

SCS-C02 Exam Topic 7 Question 63 Discussion:

Question #: 63

Topic #: 7

A company has a web server in the AWS Cloud. The company will store the content for the web server in an Amazon S3 bucket. A security engineer must use an Amazon CloudFront distribution to speed up delivery of the content. None of the files can be publicly accessible from the S3 bucket direct.
Which solution will meet these requirements?

Configure the permissions on the individual files in the S3 bucket so that only the CloudFront distribution has access to them.

Create an origin access identity (OAI). Associate the OAI with the CloudFront distribution. Configure the S3 bucket permissions so that only the OAI can access the files in the S3 bucket.

Create an S3 role in AWS Identity and Access Management (IAM). Allow only the CloudFront distribution to assume the role to access the files in the S3 bucket.

Create an S3 bucket policy that uses only the CloudFront distribution ID as the principal and the Amazon Resource Name (ARN) as the target.

Get Premium SCS-C02 Questions

Actual exam question for Amazon Web Services SCS-C02 exam by Lumen7928 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 63 Topic 7 Discussion

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 63 Topic 7 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 63 Topic 7 Discussion

Amazon Web Services AWS Certified Security - Specialty SCS-C02 Question # 63 Topic 7 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval