Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 609 discussion

A company is building a data analysis platform on AWS by using AWS Lake Formation. The platform will ingest data from different sources such as Amazon S3 and Amazon RDS. The company needs a secure solution to prevent access to portions of the data that contain sensitive information.

Which solution will meet these requirements with the LEAST operational overhead?

  • A. Create an IAM role that includes permissions to access Lake Formation tables.
  • B. Create data filters to implement row-level security and cell-level security.
  • C. Create an AWS Lambda function that removes sensitive information before Lake Formation ingests the data.
  • D. Create an AWS Lambda function that periodically queries and removes sensitive information from Lake Formation tables.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Guru4Cloud
Highly Voted 8 months, 3 weeks ago
Selected Answer: B
The key reasons are: Lake Formation data filters allow restricting access to rows or cells in data tables based on conditions. This allows preventing access to sensitive data. Data filters are implemented within Lake Formation and do not require additional coding or Lambda functions. Lambda functions to pre-process data or purge tables would require ongoing development and maintenance. IAM roles only provide user-level permissions, not row or cell level security. Data filters give granular access control over Lake Formation data with minimal configuration, avoiding complex custom code.
upvoted 8 times
awsgeek75
5 months ago
https://docs.aws.amazon.com/lake-formation/latest/dg/data-filters-about.html
upvoted 1 times
...
...
wizcloudifa
Most Recent 1 month, 1 week ago
Selected Answer: B
Focus on the exact wordings: "to prevent access to portions of the data that contain sensitive information." Only option B restricts the platform to access sensitive data, option A restrict users to restrict access that doesn't serve the req here, C and D are talking about removing the sensitive data which is not the ask here
upvoted 1 times
...
ferdzcruz
4 months, 3 weeks ago
portions of the data that contain sensitive information = Filtered data.
upvoted 1 times
...
awsgeek75
5 months ago
Selected Answer: B
A is possible but it does not secure the data properly and only provides table level access control (if any). CD are too much overhead B is exactly for this purpose and is a built-in feature of Lake formation
upvoted 1 times
...
potomac
7 months, 1 week ago
Selected Answer: B
https://docs.aws.amazon.com/lake-formation/latest/dg/data-filters-about.html
upvoted 2 times
...
taustin2
8 months, 3 weeks ago
Selected Answer: B
You can create data filters based on the values of columns in a Lake Formation table. Easy. Lowest operational overhead.
upvoted 1 times
...
nnecode
8 months, 3 weeks ago
Selected Answer: B
The best solution to meet the requirements with the least operational overhead is to create data filters to implement row-level security and cell-level security. Data filters are a feature of Lake Formation that allow you to restrict access to data based on row and column values. This can be used to implement row-level security and cell-level security. To implement row-level security, you would create a data filter that only allows users to access rows where the values in certain columns meet certain criteria. For example, you could create a data filter that only allows users to access rows where the value in the customer_id column matches the user's own customer ID.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...