ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Data Analytics - Specialty All Questions

View all questions & answers for the AWS Certified Data Analytics - Specialty exam
Go to Exam

Exam AWS Certified Data Analytics - Specialty topic 1 question 49 discussion

Exam question from Amazon's AWS Certified Data Analytics - Specialty
Question #: 49
Topic #: 1
[All AWS Certified Data Analytics - Specialty Questions]

A large company has a central data lake to run analytics across different departments. Each department uses a separate AWS account and stores its data in an
Amazon S3 bucket in that account. Each AWS account uses the AWS Glue Data Catalog as its data catalog. There are different data lake access requirements based on roles. Associate analysts should only have read access to their departmental data. Senior data analysts can have access in multiple departments including theirs, but for a subset of columns only.
Which solution achieves these required access patterns to minimize costs and administrative tasks?

  • A. Consolidate all AWS accounts into one account. Create different S3 buckets for each department and move all the data from every account to the central data lake account. Migrate the individual data catalogs into a central data catalog and apply fine-grained permissions to give to each user the required access to tables and databases in AWS Glue and Amazon S3.
  • B. Keep the account structure and the individual AWS Glue catalogs on each account. Add a central data lake account and use AWS Glue to catalog data from various accounts. Configure cross-account access for AWS Glue crawlers to scan the data in each departmental S3 bucket to identify the schema and populate the catalog. Add the senior data analysts into the central account and apply highly detailed access controls in the Data Catalog and Amazon S3.
  • C. Set up an individual AWS account for the central data lake. Use AWS Lake Formation to catalog the cross-account locations. On each individual S3 bucket, modify the bucket policy to grant S3 permissions to the Lake Formation service-linked role. Use Lake Formation permissions to add fine-grained access controls to allow senior analysts to view specific tables and columns.
  • D. Set up an individual AWS account for the central data lake and configure a central S3 bucket. Use an AWS Lake Formation blueprint to move the data from the various buckets into the central S3 bucket. On each individual bucket, modify the bucket policy to grant S3 permissions to the Lake Formation service-linked role. Use Lake Formation permissions to add fine-grained access controls for both associate and senior analysts to view specific tables and columns.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Priyanka_01 at Aug. 15, 2020, 7 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Thiya
Highly Voted 3 years, 4 months ago
Answer is C. I have implemented federated data lake.
upvoted 15 times
...
cloudlearnerhere
Highly Voted 2 years, 5 months ago
Selected Answer: C
Correct answer is C as AWS Data Lake Formation can help provide a centralized place for maintaining data catalog to various locations, without moving the data. Also, AWS Lake Formation permissions can help provide a central access control location. Option A is wrong as consolidating accounts would increase administrative tasks. Option B is wrong as although it might work, it is more simpler to use AWS Lake Formation for access control. Option D is wrong as moving all the data to central S3 would duplicate the storage cost and increase administrative tasks.
upvoted 10 times
...
GCPereira
Most Recent 1 year, 3 months ago
accounts consolidation has a big administrative effort... then A is discarded... B works but doesn't have permission requirements for an analyst role... then B is discarded... if we talk about fine-grained access control and the strong power of data catalog, lake formation always is the better option... not expansive and easy to use... a central bucket is a big administrative effort and increases storage costs due to data storage duplication... then D is discarded... C any througs?
upvoted 1 times
...
pk349
1 year, 11 months ago
C: I passed the test
upvoted 1 times
...
uk_dataguy
1 year, 12 months ago
Selected Answer: B
Seems to be Data Lake Formation Simplified data lake setup: Streamlines creation and configuration of a centralized data lake. Fine-grained access control: Enables table and column-level permissions for users and groups. Data cataloging and discovery: Facilitates a searchable, centralized data catalog using AWS Glue. Data transformation: Supports ETL jobs to clean, enrich, and prepare data for analysis. Integration with AWS services: Seamlessly connects with various AWS analytics and processing tools. Security and compliance: Ensures data encryption, monitors access, and provides audit logs.
upvoted 1 times
...
anjuvinayan
2 years ago
Answer is C A-Move all data means cost and lot of effort B-It works but Lakeformation is easy C-Answer D- Move all data means cost and lot of effort
upvoted 2 times
...
akashm99101001com
2 years, 1 month ago
Selected Answer: B
Option C is incorrect because it requires setting up an individual AWS account for the central datalake. This would be an unnecessary expense. It also requires using AWS Lake Formation to catalog the cross-account locations. This would be a time-consuming and expensive process. AWS Lake Formation is a service that makes it easy to set up a secure data lake in days. It simplifies and automates many of the complex manual steps required to create a data lake, including collecting, cleaning, and cataloging data. You can use AWS Lake Formation to create a central data catalog that is accessible to all departments. You can use Lake Formation permissions to add fine-grained access controls to allow senior analysts to view specific tables and columns. However, setting up an individual AWS account for the central datalake would be an unnecessary expense. It would also require additional administrative overhead to manage the different accounts.
upvoted 1 times
...
rags1482
2 years, 1 month ago
Option B, keeps the account structure and the individual AWS Glue catalogs on each account, but still allows for a centralized catalog using AWS Glue. It uses cross-account access for AWS Glue crawlers to scan the data in each departmental S3 bucket and identify the schema, which populates the central catalog. The senior data analysts can be added to the central account with highly detailed access controls in the Data Catalog and Amazon S3. This approach is more scalable and cost-effective in cases where there are many departments or AWS accounts involved. Option C is a valid solution to the problem described, but it may not be the most cost-effective and efficient one. Setting up an individual AWS account for the central data lake and using AWS Lake Formation to catalog the cross-account locations with fine-grained access controls for senior analysts is a good approach, but it may involve additional administrative tasks and costs. Additionally, modifying the bucket policy for each individual S3 bucket may be cumbersome and error-prone.
upvoted 1 times
...
Arka_01
2 years, 7 months ago
Selected Answer: C
Lake Formation for such fine grained access. Also, no need to use Lake Formation BluePrint as data source is S3.
upvoted 1 times
...
muhsin
2 years, 8 months ago
should access to the subset of columns means fine-grained access control. It can be implemented by Lake Formation, not individual S3 buckets. So the answer is C.
upvoted 1 times
...
rocky48
2 years, 9 months ago
Selected Answer: C
Selected Answer: C
upvoted 1 times
...
Bik000
2 years, 11 months ago
Selected Answer: C
Answer is C
upvoted 2 times
...
MWL
2 years, 11 months ago
Selected Answer: C
Use AWS Lake Formation for cross account catalog and permission.
upvoted 1 times
...
aws2019
3 years, 5 months ago
Answer should be C.
upvoted 1 times
...
yogen
3 years, 5 months ago
When did B say..to move the data.... isn't catalog of data and moving the data two different things?
upvoted 1 times
...
umatrilok
3 years, 5 months ago
C is the correct answer
upvoted 2 times
...
lostsoul07
3 years, 5 months ago
C is the right answer
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago