ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Engineer - Associate DEA-C01 All Questions

View all questions & answers for the AWS Certified Data Engineer - Associate DEA-C01 exam
Go to Exam

Exam AWS Certified Data Engineer - Associate DEA-C01 topic 1 question 71 discussion

Exam question from Amazon's AWS Certified Data Engineer - Associate DEA-C01
Question #: 71
Topic #: 1
[All AWS Certified Data Engineer - Associate DEA-C01 Questions]

During a security review, a company identified a vulnerability in an AWS Glue job. The company discovered that credentials to access an Amazon Redshift cluster were hard coded in the job script.
A data engineer must remediate the security vulnerability in the AWS Glue job. The solution must securely store the credentials.
Which combination of steps should the data engineer take to meet these requirements? (Choose two.)

  • A. Store the credentials in the AWS Glue job parameters.
  • B. Store the credentials in a configuration file that is in an Amazon S3 bucket.
  • C. Access the credentials from a configuration file that is in an Amazon S3 bucket by using the AWS Glue job.
  • D. Store the credentials in AWS Secrets Manager.
  • E. Grant the AWS Glue job IAM role access to the stored credentials.
Show Suggested Answer Hide Answer
Suggested Answer: DE 🗳️
by rralucard_ at Feb. 2, 2024, 2:01 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
GiorgioGss
Highly Voted 7 months, 2 weeks ago
Selected Answer: DE
D because it's AWS best practice for securing creds and E because after you put cred in secrets you will need permissions for accesing
upvoted 9 times
...
damaldon
Most Recent 7 months, 4 weeks ago
Ans, DE
upvoted 1 times
...
rralucard_
9 months ago
Selected Answer: DE
D. Store the credentials in AWS Secrets Manager: AWS Secrets Manager is a service that helps you protect access to your applications, services, and IT resources without the upfront investment and on-going maintenance costs of operating your own infrastructure. It's specifically designed for storing and retrieving credentials securely, and therefore, it is an appropriate choice for handling the Redshift cluster credentials. E. Grant the AWS Glue job IAM role access to the stored credentials: IAM roles for AWS Glue will allow the job to assume a role with the necessary permissions to access the credentials in AWS Secrets Manager. This method avoids embedding credentials directly in the script or a configuration file and allows for centralized management of the credentials.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago