AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 249

You have just deployed a website that utilizes CloudFront, ELB, and S3 to serve content. When users access your site, they are seeing broken image links. What is most likely the problem?

Answer options

• A. There is no record in Route 53 pointing cdn.yourdomain.com to the CloudFront ALIAS.
• B. You need to create Origin Access Identity for CloudFront and add it to your bucket policy. [1]
• D. There is no rule in your bucket policy allowing public access.

Correct answer: B

Explanation

The correct answer is B because creating an Origin Access Identity (OAI) for CloudFront and updating the S3 bucket policy allows secure access to the bucket's content through CloudFront. Option A is incorrect since a missing Route 53 record would lead to accessibility issues, but not specifically broken images. Option D is also wrong because while a lack of public access can cause issues, the OAI is specifically needed to allow CloudFront to access the S3 bucket.