ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Engineer - Associate DEA-C01 All Questions

View all questions & answers for the AWS Certified Data Engineer - Associate DEA-C01 exam
Go to Exam

Exam AWS Certified Data Engineer - Associate DEA-C01 topic 1 question 176 discussion

Exam question from Amazon's AWS Certified Data Engineer - Associate DEA-C01
Question #: 176
Topic #: 1
[All AWS Certified Data Engineer - Associate DEA-C01 Questions]

A company uses Amazon S3 to store data and Amazon QuickSight to create visualizations,

The company has an S3 bucket in an AWS account named Hub-Account. The S3 bucket is encrypted by an AWS Key Management Service (AWS KMS) key. The company's QuickSight instance is in a separate account named BI-Account.

The company updates the S3 bucket policy to grant access to the QuickSight service role. The company wants to enable cross-account access to allow QuickSight to interact with the S3 bucket.

Which combination of steps will meet this requirement? (Choose two.)

  • A. Use the existing AWS KMS key to encrypt connections from QuickSight to the S3 bucket.
  • B. Add the S3 bucket as a resource that the QuickSight service role can access.
  • C. Use AWS Resource Access Manager (AWS RAM) to share the S3 bucket with the BI-Account account.
  • D. Add an IAM policy to the QuickSight service role to give QuickSight access to the KMS key that encrypts the S3 bucket.
  • E. Add the KMS key as a resource that the QuickSight service role can access.
Show Suggested Answer Hide Answer
Suggested Answer: E 🗳️
by Parandhaman_Margan at Oct. 27, 2024, 5:40 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
YUICH
2 weeks ago
Selected Answer: B
BD Conclusion: To enable cross-account access for both (1) the Amazon S3 bucket and (2) the KMS key used to encrypt that bucket, the QuickSight service role must be granted the appropriate permissions. Among the provided options, the following two steps are essential: B. Add the S3 bucket as a resource the QuickSight service role can access (→ Allows cross-account access to the S3 bucket) D. Add an IAM policy to the QuickSight service role that grants access to the KMS key (→ Allows decryption of data encrypted by the KMS key)
upvoted 1 times
...
stevejake
2 weeks, 6 days ago
Selected Answer: D
S3 bucket policy is already updated from the question. Hence KMS key policy and IAM policy need to be altered to allow QuickSight service account to access KMS key.
upvoted 1 times
...
YUICH
4 weeks, 1 day ago
Selected Answer: B
Given that the question states “Update the S3 bucket policy to allow access for the QuickSight service role” and, from the perspective of “enabling cross-account access so that QuickSight can interact with the S3 bucket,” is asking what additional steps are needed, we can conclude that: (B) “Add the S3 bucket as a resource accessible by the QuickSight service role” (E) “Add the KMS key as a resource accessible by the QuickSight service role” together most succinctly represent the final actions required.
upvoted 1 times
...
devan007
2 months, 1 week ago
Selected Answer: E
D & E S3 bucket policy is already updated from the question. Hence KMS key policy and IAM policy need to be altered to allow QuickSight service account to access KMS key.
upvoted 2 times
...
michele_scar
2 months, 2 weeks ago
Selected Answer: E
B for bucket access E for KMS key policy
upvoted 1 times
...
Eleftheriia
2 months, 3 weeks ago
It is BD
upvoted 2 times
...
kupo777
3 months ago
Correct Answer: DE
upvoted 3 times
...
truongnguyen86
3 months, 1 week ago
Answer BE: Step to enable cross-account access: 1. update S3 bucket policy in Hub-account (B) 2. Update the KMS key Policy in Hub-Account(E) 3. Config QuickSight to access S3
upvoted 3 times
...
pikuantne
3 months, 1 week ago
Answer: BD
upvoted 3 times
...
2022MMTT
3 months, 1 week ago
Answer : DE
upvoted 3 times
...
Parandhaman_Margan
3 months, 1 week ago
Answer:BE
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago