ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Engineer - Associate DEA-C01 All Questions

View all questions & answers for the AWS Certified Data Engineer - Associate DEA-C01 exam
Go to Exam

Exam AWS Certified Data Engineer - Associate DEA-C01 topic 1 question 42 discussion

Exam question from Amazon's AWS Certified Data Engineer - Associate DEA-C01
Question #: 42
Topic #: 1
[All AWS Certified Data Engineer - Associate DEA-C01 Questions]

A company has five offices in different AWS Regions. Each office has its own human resources (HR) department that uses a unique IAM role. The company stores employee records in a data lake that is based on Amazon S3 storage.
A data engineering team needs to limit access to the records. Each HR department should be able to access records for only employees who are within the HR department's Region.
Which combination of steps should the data engineering team take to meet this requirement with the LEAST operational overhead? (Choose two.)

  • A. Use data filters for each Region to register the S3 paths as data locations.
  • B. Register the S3 path as an AWS Lake Formation location.
  • C. Modify the IAM roles of the HR departments to add a data filter for each department's Region.
  • D. Enable fine-grained access control in AWS Lake Formation. Add a data filter for each Region.
  • E. Create a separate S3 bucket for each Region. Configure an IAM policy to allow S3 access. Restrict access based on Region.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by atu1789 at Jan. 28, 2024, 9:38 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
rralucard_
Highly Voted 1 year, 3 months ago
Selected Answer: BD
https://docs.aws.amazon.com/lake-formation/latest/dg/data-filters-about.html https://docs.aws.amazon.com/lake-formation/latest/dg/access-control-fine-grained.html
upvoted 5 times
...
ctndba
Most Recent 5 months, 3 weeks ago
B: Since its a initial step for leverage fine grain control of Lakeformation. D: Give granular level control and meets the requirement
upvoted 1 times
...
pypelyncar
10 months, 4 weeks ago
Selected Answer: BD
Registering the S3 path as an AWS Lake Formation location is the first step in leveraging Lake Formation's data governance and access control capabilities. This allows the data engineering team to centrally manage and govern the data stored in the S3 data lake. Enabling fine-grained access control in AWS Lake Formation and adding a data filter for each Region is the key step to achieve the desired access control. Data filters in Lake Formation allow you to define row-level and column-level access policies based on specific conditions or attributes, such as the Region in this case
upvoted 4 times
...
rralucard_
1 year, 3 months ago
If your table stored in an AWS Glue Data Catalog has tens and hundreds of thousands and millions of partitions, you can enable partition indexes on the table. With partition indexes, only the metadata for the partition value in the query’s filter is retrieved from the catalog instead of retrieving all the partitions’ metadata. The result is faster queries for such highly partitioned tables. The following table compares query runtimes between a partitioned table with no partition indexing and with partition indexing. The table contains approximately 100,000 partitions and uncompressed text data. The orders table is partitioned by the o_custkey column.
upvoted 1 times
...
atu1789
1 year, 3 months ago
Selected Answer: BD
BD makes sense
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago