Serve Private Content with CloudFront
Question
In order to serve private content , which of the following can be used with Cloudfront.
Choose 2 answers from the options shown below.
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - A and D.
You can configure CloudFront to require that users access your objects using either signed URLs or signed cookies.
For more information on serving private content, please refer to the below link:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.htmlTo serve private content with CloudFront, you can use two methods - Signed URLs and Signed Cookies.
Signed URLs: A signed URL provides access to a private object in Amazon S3 or a private resource on a web server through CloudFront. When you generate a signed URL, you provide the expiration time and access permissions for the URL. The URL includes a signature that verifies the identity of the signer and the expiration time. You can distribute this signed URL to your users, and they can access the private content until the URL expires.
Signed Cookies: A signed cookie is a way to authenticate and authorize access to your private content. You create a policy statement that specifies the access permissions for the content and a secret key that CloudFront uses to create a signature. CloudFront then creates a cookie that includes the policy statement and signature. You distribute this cookie to your users, and they use it to access the private content until the cookie expires.
Signed objects and signed distributions are not valid options for serving private content with CloudFront. Signed objects is a feature of Amazon S3 that allows you to restrict access to objects in S3 by creating signed URLs or signed cookies. Signed distributions is not a valid feature in CloudFront.
In summary, the two options for serving private content with CloudFront are Signed URLs and Signed Cookies.
