ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Engineer - Associate DEA-C01 All Questions

View all questions & answers for the AWS Certified Data Engineer - Associate DEA-C01 exam
Go to Exam

Exam AWS Certified Data Engineer - Associate DEA-C01 topic 1 question 8 discussion

Exam question from Amazon's AWS Certified Data Engineer - Associate DEA-C01
Question #: 8
Topic #: 1
[All AWS Certified Data Engineer - Associate DEA-C01 Questions]

A company uses Amazon Athena for one-time queries against data that is in Amazon S3. The company has several use cases. The company must implement permission controls to separate query processes and access to query history among users, teams, and applications that are in the same AWS account.
Which solution will meet these requirements?

  • A. Create an S3 bucket for each use case. Create an S3 bucket policy that grants permissions to appropriate individual IAM users. Apply the S3 bucket policy to the S3 bucket.
  • B. Create an Athena workgroup for each use case. Apply tags to the workgroup. Create an IAM policy that uses the tags to apply appropriate permissions to the workgroup.
  • C. Create an IAM role for each use case. Assign appropriate permissions to the role for each use case. Associate the role with Athena.
  • D. Create an AWS Glue Data Catalog resource policy that grants permissions to appropriate individual IAM users for each use case. Apply the resource policy to the specific tables that Athena uses.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by milofficial at Jan. 18, 2024, 9:38 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
milofficial
Highly Voted 1 year, 3 months ago
Selected Answer: B
Haha they copied this from the old DA Specialty. It's B https://docs.aws.amazon.com/athena/latest/ug/user-created-workgroups.html
upvoted 17 times
...
TonyStark0122
Highly Voted 1 year, 2 months ago
B. Create an Athena workgroup for each use case. Apply tags to the workgroup. Create an IAM policy that uses the tags to apply appropriate permissions to the workgroup. Explanation: Athena workgroups allow you to isolate and manage different workloads, users, and permissions. By creating a separate workgroup for each use case, you can control access to query history, manage permissions, and enforce resource usage limits independently for each workload. Applying tags to workgroups allows you to categorize and organize them based on the use case, which simplifies policy management.
upvoted 14 times
...
Scotty_Nguyen
Most Recent 1 month ago
Selected Answer: B
B is correct
upvoted 1 times
...
Manohar24
9 months, 2 weeks ago
Selected Answer: B
B is correct.
upvoted 2 times
...
k350Secops
11 months, 3 weeks ago
Selected Answer: B
The only other answer that's confusing is C But its not the one. Creating separate IAM roles for each use case and associating them with Athena would not provide the necessary isolation and access control for query processes and query history.
upvoted 2 times
...
dev_vicente
1 year, 1 month ago
Selected Answer: B
B is more granular
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago