Question #682
A company hosts a web application using AWS Elastic Beanstalk with Amazon RDS as the database. The application is fronted by an Amazon CloudFront distribution configured with an alternate domain name, using the Elastic Beanstalk environment as the origin. During monthly scheduled maintenance windows, the company wants users to see a static maintenance page instead of CloudFront errors. A solutions architect has already created an Amazon S3 bucket to host the maintenance content. What should the solutions architect do next to fulfill this requirement? (Choose three.)
A. Upload the static maintenance page to the S3 bucket.
B. Create a new CloudFront distribution with the S3 bucket as the origin and update DNS records to point to the new distribution during maintenance.
C. Add the S3 bucket as a secondary origin in the existing CloudFront distribution and configure an origin access identity (OAI) for the bucket.
D. Modify the default cache behavior in the CloudFront distribution to point to the S3 origin during maintenance, then revert it afterward.
E. Create a new cache behavior in the existing distribution with a path pattern '*' and precedence 0 during maintenance, then delete it afterward.
F. Configure Elastic Beanstalk to redirect traffic to the S3 bucket during maintenance using a .htaccess file.
Explanation
A: Uploading the static page to S3 is necessary to host the maintenance content.
C: Adding S3 as a secondary origin allows CloudFront to serve the static page. Configuring an OAI ensures secure access to the S3 bucket.
D: Modifying the default cache behavior to use the S3 origin during maintenance ensures all requests are routed to the static page. Reverting it after maintenance restores normal operation.
Other options:
B: Updating DNS records is slow and unnecessary since CloudFront supports multiple origins.
E: Creating a new cache behavior with '*' path is possible but involves complex deployment timing due to CloudFront's propagation delays.
F: Elastic Beanstalk cannot redirect if the environment is down, making this approach unreliable.
Key Points:
- Use CloudFront's multiple origins and cache behaviors for seamless maintenance.
- Avoid DNS changes for faster updates.
- OAI secures S3 bucket access.
Answer
The correct answer is: ACD