Question 14: You are working with a Healthcare Data Provider which has web application hosted in domain called http://healthydata.com and you are one of the web developer for this web application. This application also want to show patient historical data in beautiful charts. Hence, your company had partnered with another third party company to get all the Java Script charting codes from them. This third party company said that all the script is hosted in an AWS S3 bucket called “forhealthydata”. But when your application launched you find that this java scripts are not available what do you think could be the reason for that?
- Your partner have S3 bucket “forhealthydata” in a separate region than your website. And they have not enabled the CRR, cross region replication for that bucket.
- Your partner has kept all the Java Scripts in encrypted format in the bucket. You need to use KMS solution to decrypt the Java script before using them with Client side decryption.
- You have not defined NACL rule for accessing resources outside of your domain.
- You cannot directly access the data from the S3 buckets or another user, while loading the website in browser. You have to first copy these Java Scripts file in your account bucket and then only you can use them.
- You will ask third party solution provider to configure the CORS (Cross origin Request) for your domain healthydata.com
Correct Answer : E
Detailed Explanation: To reach the right solution we need to first understand what is the question want, requirement is very simple a third party vendor had kept the Java Scripts file in one S3 bucket and you want to access them while loading your website, but you are not able to use it. You need to find first where could be the issue. In such cases first you have to look whether proper permissions are in place or not.
If you look the given option, it is very difficult to choose correct one. Let’s reduce the option one by one and then reach to the correct one.
- S3 buckets are global resources and can be access from anywhere. If the permissions are in place. So option 1 can not be an answer.
- There is no need to keep the Java Scripts file in encrypted, because once loaded in the browser anybody can view and use it. Again this can not be a correct answer.
- NACL is more of a firewall to allow or deny the permissions based on IP addresses and ports. On the EC2 instances in a VPC subnet. Not relevant given requirement. Hence, can not be a correct answer.
- If permissions are in place you can access S3 bucket resources from anywhere. So option 4 can not be a correct answer.
- Remaining option 5 says that CORS to be configured correctly. What is CORS?
- It defines a way for client web applications that are loaded in one domain to interact with the resources in a different domain.
- With CORS support, you can build rich client-side application with AWS S3 and selectively allow cross-origin access to your AWS S3 resources.
- So option 5 is correct in given requirement.