AWS Certified Solutions Architect – Professional (SAP-C02) — Question 386

A company has a website that serves many visitors. The company deploys a backend service for the website in a primary AWS Region and a disaster recovery (DR) Region.

A single Amazon CloudFront distribution is deployed for the website. The company creates an Amazon Route 53 record set with health checks and a failover routing policy for the primary Region’s backend service. The company configures the Route 53 record set as an origin for the CloudFront distribution. The company configures another record set that points to the backend service's endpoint in the DR Region as a secondary failover record type. The TTL for both record sets is 60 seconds.

Currently, failover takes more than 1 minute. A solutions architect must design a solution that will provide the fastest failover time.

Which solution will achieve this goal?

Answer options

• A. Deploy an additional CloudFront distribution. Create a new Route 53 failover record set with health checks for both CloudFront distributions.
• B. Set the TTL to 4 second for the existing Route 53 record sets that are used for the backend service in each Region.
• C. Create new record sets for the backend services by using a latency routing policy. Use the record sets as an origin in the CloudFront distribution.
• D. Create a CloudFront origin group that includes two origins, one for each backend service Region. Configure origin failover as a cache behavior for the CloudFront distribution.

Correct answer: D

Explanation

CloudFront origin failover allows CloudFront to automatically redirect traffic to a secondary origin when the primary origin returns specific HTTP error status codes. This edge-level failover occurs almost instantaneously, bypassing the propagation delays inherent to DNS-based failover. Route 53 DNS failover is subject to client-side caching and TTL delays, which prevents it from being the fastest solution.