ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Analytics - Specialty All Questions

View all questions & answers for the AWS Certified Data Analytics - Specialty exam
Go to Exam

Exam AWS Certified Data Analytics - Specialty topic 1 question 108 discussion

Exam question from Amazon's AWS Certified Data Analytics - Specialty
Question #: 108
Topic #: 1
[All AWS Certified Data Analytics - Specialty Questions]

A company has a data lake on AWS that ingests sources of data from multiple business units and uses Amazon Athena for queries. The storage layer is Amazon
S3 using the AWS Glue Data Catalog. The company wants to make the data available to its data scientists and business analysts. However, the company first needs to manage data access for Athena based on user roles and responsibilities.
What should the company do to apply these access controls with the LEAST operational overhead?

  • A. Define security policy-based rules for the users and applications by role in AWS Lake Formation.
  • B. Define security policy-based rules for the users and applications by role in AWS Identity and Access Management (IAM).
  • C. Define security policy-based rules for the tables and columns by role in AWS Glue.
  • D. Define security policy-based rules for the tables and columns by role in AWS Identity and Access Management (IAM).
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by taizo777 at Aug. 22, 2021, 10:45 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Katapangan55
Highly Voted 3 years, 7 months ago
https://aws.amazon.com/lake-formation/?whats-new-cards.sort-by=item.additionalFields.postDateTime&whats-new-cards.sort-order=desc "You can use Lake Formation to centrally define security, governance, and auditing policies in one place, versus doing these tasks per service, and then enforce those policies for your users across their analytics applications. Your policies are consistently implemented, eliminating the need to manually configure them across security services like AWS Identity and Access Management and AWS Key Management Service, storage services like S3, and analytics and machine learning services like Redshift, Athena, and (in beta) EMR for Apache Spark. This reduces the effort in configuring policies across services and provides consistent enforcement and compliance."
upvoted 15 times
Katapangan55
3 years, 7 months ago
I meant to put A
upvoted 1 times
...
...
taizo777
Highly Voted 3 years, 9 months ago
I think A is right answer
upvoted 12 times
...
pk349
Most Recent 2 years, 1 month ago
A: I passed the test
upvoted 2 times
...
cloudlearnerhere
2 years, 7 months ago
Selected Answer: A
Correct answer is A as AWS Lake Formation helps define security policy-based rules for the users and applications by role centrally and easily with the LEAST operational overhead.
upvoted 5 times
...
hary104
2 years, 9 months ago
A is the answer. - Multiple BUs, Data Calatlog. - permission handling. - use LKF
upvoted 1 times
...
muhsin
2 years, 9 months ago
the answer is B. least operational overhead means "don't set up anything new". Athena has capability to provide access control via IAM (resource-based, action based) https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonathena.html
upvoted 2 times
...
rocky48
2 years, 10 months ago
Selected Answer: A
A is right answer
upvoted 2 times
...
Ramshizzle
2 years, 12 months ago
Selected Answer: A
As already explained in this topic. The answer should be A. Using Lake Formation it is much easier to assign data access to roles. Glue can also work, but it is harder. Using IAM I don't think you can achieve fine-grained access.
upvoted 3 times
...
Bik000
3 years ago
Selected Answer: D
Agree. Answer D is correct
upvoted 1 times
rav009
2 years, 8 months ago
IAM policy can't do column-level security for athena, only table level.
upvoted 4 times
...
...
ThomasKalva
3 years, 7 months ago
A is the answer for new data lake builder to maintain access to lake.
upvoted 1 times
...
doobc
3 years, 8 months ago
Why is it A? Not B?
upvoted 1 times
doobc
3 years, 8 months ago
A is easier
upvoted 1 times
...
...
Marcinha
3 years, 8 months ago
I think B is the correct answer.
upvoted 1 times
Marcinha
3 years, 8 months ago
Changed A is correct.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel