Q69 — AWS ANS-C01 Ch.1

Question 69 of 100 | ← Chapter 1

A company hosts a web application on Amazon EC2 instances behind an Application Load Balancer (ALB). The ALB is the origin in an Amazon CloudFront distribution. The company wants to implement a custom authentication system that will provide a token for its authenticated Customers. The web application must ensure that the GET/POST requests come from authenticated customers before it delivers the content. A network Engineer must design a solution that gives the web application the ability to identify authorized customers. What is the MOST operationally e¨cient solution that meets these requirements?

Correct Answer: C. Use an AWS Lambda@Edge function to inspect the authorized token inside the GET/POST request payload. Use the Lambda@Edge function Also to insert a customized header to inform the web application of an authenticated customer request.

Explanation

使用AWSLambda@Edge函数在CloudFront边缘位置检查GET/POST请求中的授权令牌,并插入自定义标头以通知Web应用程序请求已认证客户。这种方法能够在请求到达源服务器前验证用户身份,确保只有认证用户才能访问内容,同时保持低延迟和高效率。Lambda@Edge函数的执行位置靠近用户,减少了数据传输的延迟,提升了用户体验,并且在操作上更为高效。 查看全部