Your company is planning to use Cloudfront along with S3 as the origin. There is a requirement to serve private content from S3. There is a requirement to ensure that access is restricted for certain individual files. How would you deliver the private content?

Answer options:

A.Use Signed URLs.
B.Use Signed Cookies.
C.Use Private Keys.
D.Use Security Groups.

Answer – A
The AWS Documentation mentions the following.
Use signed URLs in the following cases.
· You want to use an RTMP distribution. Signed cookies aren`t supported for RTMP distributions.
· You want to restrict access to individual files, for example, an installation download for your application.
· Your users use a client (for example, a custom HTTP client) that doesn`t support cookies.
Use signed cookies in the following cases:
· You want to provide access to multiple restricted files, for example, all of the files for a video in HLS format or all of the files in the subscribers` area of a website.
· You don`t want to change your current URLs.
Option B is incorrect since access here needs to be restricted for certain individual files.
Option C is incorrect since this is better for encryption purposes.
Option D is incorrect since this should be used for EC2 Instances.
For more information on a better understanding of serving private content, please refer to the below URL
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-choosing-signed-urls-cookies.html