AWS Developer Associate > CloudFront > Flashcards

CloudFront Flashcards

(10 cards)

Study These Flashcards
1
Q

What is AWS Cloudfront?

A
  • Content Delivery Network (CDN)
  • Improves read performance by caching content at edge locations that are geographically closer to the end user in order to reduce latency.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are possible cloudfront origins?

A
  • S3 buckets
  • Custom origin (HTTP)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the main differences between CloundFront and Cross Region Replication (CRR)?

A

CloudFront:

  • Global Edge network
  • Files are cached for a TTL (maybe a day)
  • Great for static content that must be available everywhere

S3 CRR:

  • Must be setup for each region in which you want replication to happen
  • Files are updated in near real time
  • Read only
  • Great for dynamic content that needs to be avilable at low-latency in a few regions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the difference between a CloudFront Signed URL and Signed Cookies?

A
  • A signed URL provides access to individual files (one signed URL per file)
  • A signed cookie provides access to multiple files (one signed cookie to multiple filesU
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Whats the difference between a CloudFront Signed URL and an S3 Pre-signed URL?

A

CloudFront Signed URL:

  • Allow access to a path, no matter the origin
  • Account wide key-pair, only the root can manage it
  • Can filter by IP, path, date, expiration
  • Can leverage caching features

S3 Pre-Signed URL:

  • Issue a request as the person who pre-signed the URL
  • Uses the IAM key of the signing IAM principal
  • Limited lifetime

Use Cases

If you want users to take avantage of CloudFront (and you’ve set up an OAI) then you must use a CloudFront signed URL. This prevents direct access to the S3 bucket. However if you want users to have direct access to an S3 bucket, then use an S3 pre-signed url.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How can CloudFront be restricted? What would be a use case for such restriction(s)?

A

Whitelist

Allow users to access your content only if they’re on one of the countries on a list of approved countries.

Blacklist

Prevent your users from accessing your content if they’re in one of the countries on a blacklist of banned countries.

Use Case

Copyright Laws to control access to Content

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

For CloudFront GeoRestriction, how is a “country’ determined?

A

Uses a 3rd party Geo-IP database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How can security be applied to CloudFront?

A
  • HTTPS
  • Black/White Lists
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is CloudFront caching based on?

A
  • Headers
  • Session Cookies
  • Query String Parameters

The cache is what lives at the CloudFront location.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

CloudFront is deploying in front of an HTTP origin. After updating your HTTP app, the users still see the old website. What should you do?

A

Invalidate the distribution

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
AWS Developer Associate
flashcards
Decks in class (25)
# Cards
Brainscape helps you reach your goals faster, through stronger study habits.
© 2026 Bold Learning Solutions. Terms and Conditions