ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Machine Learning - Specialty All Questions

View all questions & answers for the AWS Certified Machine Learning - Specialty exam
Go to Exam

Exam AWS Certified Machine Learning - Specialty topic 1 question 269 discussion

Exam question from Amazon's AWS Certified Machine Learning - Specialty
Question #: 269
Topic #: 1
[All AWS Certified Machine Learning - Specialty Questions]

A machine learning (ML) specialist uploads a dataset to an Amazon S3 bucket that is protected by server-side encryption with AWS KMS keys (SSE-KMS). The ML specialist needs to ensure that an Amazon SageMaker notebook instance can read the dataset that is in Amazon S3.

Which solution will meet these requirements?

  • A. Define security groups to allow all HTTP inbound and outbound traffic. Assign the security groups to the SageMaker notebook instance.
  • B. Configure the SageMaker notebook instance to have access to the VPC. Grant permission in the AWS Key Management Service (AWS KMS) key policy to the notebook’s VPC.
  • C. Assign an IAM role that provides S3 read access for the dataset to the SageMaker notebook. Grant permission in the KMS key policy to the IAM role.
  • D. Assign the same KMS key that encrypts the data in Amazon S3 to the SageMaker notebook instance.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by ADVIT at July 8, 2023, 6:16 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ashii007
1 year, 4 months ago
https://stackoverflow.com/questions/66692579/aws-sagemaker-permissionerror-access-denied-reading-data-from-s3-bucket 'C' is the correct answer.
upvoted 2 times
...
kaike_reis
1 year, 4 months ago
Selected Answer: C
Note that the question does not mention VPC, so we discard Letter B. Letter C appears to be correct, as they use IAM to grant permission (congruent with their role). SG is beyond the scope of KMS, so we discard Letter A. Letter D is incongruous.
upvoted 2 times
...
Mickey321
1 year, 5 months ago
Selected Answer: C
Option C allows the ML specialist to assign an IAM role that provides S3 read access for the dataset to the SageMaker notebook. IAM is a service that helps users manage access to AWS resources. An IAM role is an entity that defines a set of permissions for making AWS service requests. The ML specialist can create an IAM role that has a policy that allows the notebook to read the dataset from the S3 bucket. The ML specialist can then attach the IAM role to the notebook when creating or updating it.
upvoted 2 times
...
awsarchitect5
1 year, 5 months ago
Selected Answer: C
C it is
upvoted 2 times
...
kukreti18
1 year, 5 months ago
C is correct
upvoted 3 times
...
ADVIT
1 year, 5 months ago
100% it's D.
upvoted 1 times
kaike_reis
1 year, 4 months ago
It's not
upvoted 2 times
...
fa0d8b7
1 year ago
stop misleading people
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel