AWS Certified Solutions Architect – Associate (SAA-C02) — Question 785

A company is running a web-based game in two Availability Zones in the us-west-2 Region. The web servers use an Application Load Balancer (ALB) in public subnets. The ALB has an SSL certificate from AWS Certificate Manager (ACM) with a custom domain name. The game is written in JavaScript and runs entirely in a user's web browser.
The game is increasing in popularity in many countries around the world. The company wants to update the application architecture and optimize costs without compromising performance.
What should a solutions architect do to meet these requirements?

Answer options

• A. Use Amazon CloudFront and create a global distribution that points to the ALB. Reuse the existing certificate from ACM for the CloudFront distribution. Use Amazon Route 53 to update the application alias to point to the distribution.
• B. Use AWS CloudFormation to deploy the application stack to AWS Regions near countries where the game is popular. Use ACM to create a new certificate for each application instance. Use Amazon Route 53 with a geolocation routing policy to direct traffic to the local application instance.
• C. Use Amazon S3 and create an S3 bucket in AWS Regions near countries where the game is popular. Deploy the HTML and JavaScript files to each S3 bucket Use ACM to create a new certificate for each S3 bucket. Use Amazon Route 53 with a geolocation routing policy to direct traffic to the local S3 bucket.
• D. Use Amazon S3 and create an S3 bucket in us-west-2. Deploy the HTML and JavaScript files to the S3 bucket. Use Amazon CloudFront and create a global distribution with the S3 bucket as the origin. Use ACM to create a new certificate for the distribution. Use Amazon Route 53 to update the application alias to point to the distribution.

Correct answer: A

Explanation

Option A is the correct choice because placing Amazon CloudFront in front of the Application Load Balancer (ALB) allows the game's assets to be cached globally at edge locations, reducing latency for international users and minimizing data transfer costs from the ALB. Reusing the existing ACM certificate on CloudFront and updating Route 53 is the most seamless and cost-effective way to optimize performance. Other options like B and C introduce unnecessary management overhead and higher costs by duplicating infrastructure across multiple regions, while D changes the origin architecture and requires generating new certificates unnecessarily.