ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Engineer - Associate DEA-C01 All Questions

View all questions & answers for the AWS Certified Data Engineer - Associate DEA-C01 exam
Go to Exam

Exam AWS Certified Data Engineer - Associate DEA-C01 topic 1 question 130 discussion

Exam question from Amazon's AWS Certified Data Engineer - Associate DEA-C01
Question #: 130
Topic #: 1
[All AWS Certified Data Engineer - Associate DEA-C01 Questions]

A company has implemented a lake house architecture in Amazon Redshift. The company needs to give users the ability to authenticate into Redshift query editor by using a third-party identity provider (IdP).

A data engineer must set up the authentication mechanism.

What is the first step the data engineer should take to meet this requirement?

  • A. Register the third-party IdP as an identity provider in the configuration settings of the Redshift cluster.
  • B. Register the third-party IdP as an identity provider from within Amazon Redshift.
  • C. Register the third-party IdP as an identity provider for AVS Secrets Manager. Configure Amazon Redshift to use Secrets Manager to manage user credentials.
  • D. Register the third-party IdP as an identity provider for AWS Certificate Manager (ACM). Configure Amazon Redshift to use ACM to manage user credentials.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by teo2157 at Aug. 9, 2024, 12:09 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
PashoQ
Highly Voted 7 months, 1 week ago
Selected Answer: B
https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-native-idp.html register the identity provider with Amazon Redshift, using SQL statements, which set authentication parameters that are unique to the identity provider.
upvoted 7 times
...
komorebi
Highly Voted 8 months, 3 weeks ago
Selected Answer: A
Answer is A
upvoted 6 times
Salam9
3 months ago
Incorrect. Amazon Redshift provides native IdP federation. Therefore, you can use your third-party IdP for authentication and permission management. To use this feature, you need to register the IdP with Amazon Redshift, not with the individual clusters.
upvoted 1 times
...
...
solopez_111
Most Recent 2 months, 3 weeks ago
Selected Answer: A
Since the question is asking for "The first step", the correct answer is A. "First, you register Amazon Redshift as a third-party application with your identity provider, requesting the necessary API permissions" https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-native-idp.html
upvoted 1 times
...
YUICH
2 months, 4 weeks ago
Selected Answer: B
Why Option (A) is Correct Redshift Uses SAML at the Cluster Level To enable single sign-on with a SAML 2.0–compatible IdP (for example, Okta or Azure AD) for Redshift Query Editor, you register the IdP by uploading its SAML metadata in the Amazon Redshift console. This is done at the cluster configuration or security level—not “within” the database engine itself. Option (B): “Within Amazon Redshift” There is no direct command such as CREATE IDENTITY PROVIDER inside Redshift SQL. Federating a third-party IdP requires configuring the cluster to trust that IdP’s SAML metadata. That is done via the AWS console or CLI at the cluster level, not by running commands inside the database.
upvoted 3 times
YUICH
2 months, 4 weeks ago
sorry my answer is A
upvoted 2 times
...
...
Salam9
3 months ago
Selected Answer: B
I have seen this official answer in the practical exam on the AWS Skills Builder website. Learn more https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-native-idp.html#redshift-iam-access-control-native-idp-setup
upvoted 2 times
...
BigMrT
3 months, 3 weeks ago
Selected Answer: A
Redshift does not support directly registering the IdP "within" the service. The registration must be done through the cluster configuration settings.
upvoted 1 times
...
paali
4 months, 2 weeks ago
Selected Answer: B
o complete the preliminary setup between the identity provider and Amazon Redshift, you perform a couple of steps: First, you register Amazon Redshift as a third-party application with your identity provider, requesting the necessary API permissions. Then you create users and groups in the identity provider. Last, you register the identity provider with Amazon Redshift, using SQL statements, which set authentication parameters that are unique to the identity provider. As part of registering the identity provider with Redshift, you assign a namespace to make sure users and roles are grouped correctly.
upvoted 2 times
...
RockyLeon
5 months ago
Selected Answer: B
https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-native-idp.html
upvoted 3 times
...
mzansikiller
8 months, 1 week ago
To enable users to authenticate into the Amazon Redshift query editor using a third-party identity provider (IdP), the data engineer must first register that IdP within the configuration settings of the Redshift cluster itself. Amazon Redshift natively supports integrating with external identity providers to manage user authentication. By registering the third-party IdP directly in the Redshift cluster settings, it establishes the trust relationship needed for Redshift to rely on that IdP for authenticating users when they log into the query editor. Answer A
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago