Examtopics

AWS Certified Data Engineer - Associate

163
165

Topic 1 Question 164
A company is building a data stream processing application. The application runs in an Amazon Elastic Kubernetes Service (Amazon EKS) cluster. The application stores processed data in an Amazon DynamoDB table.

The company needs the application containers in the EKS cluster to have secure access to the DynamoDB table. The company does not want to embed AWS credentials in the containers.

Which solution will meet these requirements?
- Store the AWS credentials in an Amazon S3 bucket. Grant the EKS containers access to the S3 bucket to retrieve the credentials.
- Attach an IAM role to the EKS worker nodes, Grant the IAM role access to DynamoDUse the IAM role to set up IAM roles service accounts (IRSA) functionality.
- Create an IAM user that has an access key to access the DynamoDB table. Use environment variables in the EKS containers to store the IAM user access key data.
- Create an IAM user that has an access key to access the DynamoDB table. Use Kubernetes secrets that are mounted in a volume of the EKS duster nodes to store the user access key data.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: B
  https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
  
  👍 1
  jacob_nz2024/11/22
- 正解だと思う選択肢: B
  https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html
  
  👍 1
  emupsx12024/11/24
シャッフルモード

163
165