Topic 1 Question 176
A company uses Amazon S3 to store data and Amazon QuickSight to create visualizations,
The company has an S3 bucket in an AWS account named Hub-Account. The S3 bucket is encrypted by an AWS Key Management Service (AWS KMS) key. The company's QuickSight instance is in a separate account named BI-Account.
The company updates the S3 bucket policy to grant access to the QuickSight service role. The company wants to enable cross-account access to allow QuickSight to interact with the S3 bucket.
Which combination of steps will meet this requirement?
Use the existing AWS KMS key to encrypt connections from QuickSight to the S3 bucket.
Add the S3 bucket as a resource that the QuickSight service role can access.
Use AWS Resource Access Manager (AWS RAM) to share the S3 bucket with the BI-Account account.
Add an IAM policy to the QuickSight service role to give QuickSight access to the KMS key that encrypts the S3 bucket.
Add the KMS key as a resource that the QuickSight service role can access.
ユーザの投票
コメント(13)
Answer : DE
👍 32022MMTT2024/10/29Answer: BD
👍 3pikuantne2024/10/31Answer BE: Step to enable cross-account access:
- update S3 bucket policy in Hub-account (B)
- Update the KMS key Policy in Hub-Account(E)
- Config QuickSight to access S3
👍 3truongnguyen862024/10/31
シャッフルモード