The following question on the SA Pro Migrations quiz asks the following;
"Which of the following options allows users to have secure access to private files located in S3?"
One of the correct answers is is ‘CloudFront Origin Access Identity’.
Perhaps I’m being a bit pedantic, but doesn’t OAI technically block users from accessing private files in S3? It’s really CloudFront with the access, not the user. Again, maybe I’m reading too much into it, but you know…sometimes I’m like that.