Question

Which of the following options allows users to have secure access to private files located in S3? (Choose 3)

A. CloudFront Origin Access Identity
B. Public S3 buckets
C. CloudFront Signed Cookies
D. CloudFront Signed URLs

Answer 1

Secure access to private S3 files is possible through CloudFront Origin Access Identity, CloudFront Signed Cookies, and CloudFront Signed URLs. Public S3 buckets do not provide secure access.

Step-by-step explanation:

The question asks about methods for secure access to private files in Amazon S3. Users can securely access private files in S3 using a combination of AWS services and features. The options include:

• CloudFront Origin Access Identity (OAI): This is used to restrict access to an S3 bucket to only the AWS CloudFront content delivery network, preventing direct access to the files.
• CloudFront Signed Cookies: These provide secure access to multiple restricted files, such as an entire directory or multiple files, by setting a custom policy with cookies.
• CloudFront Signed URLs: They provide a secure way to grant temporary access to a single private file through a URL signed with an AWS access key.

Option B, Public S3 buckets, is not secure as it makes the files available to anyone on the internet.