Topic 1 Question 64
A company stores data in a data lake that is in Amazon S3. Some data that the company stores in the data lake contains personally identifiable information (PII). Multiple user groups need to access the raw data. The company must ensure that user groups can access only the PII that they require. Which solution will meet these requirements with the LEAST effort?
Use Amazon Athena to query the data. Set up AWS Lake Formation and create data filters to establish levels of access for the company's IAM roles. Assign each user to the IAM role that matches the user's PII access requirements.
Use Amazon QuickSight to access the data. Use column-level security features in QuickSight to limit the PII that users can retrieve from Amazon S3 by using Amazon Athena. Define QuickSight access levels based on the PII access requirements of the users.
Build a custom query builder UI that will run Athena queries in the background to access the data. Create user groups in Amazon Cognito. Assign access levels to the user groups based on the PII access requirements of the users.
Create IAM roles that have different levels of granular access. Assign the IAM roles to IAM user groups. Use an identity-based policy to assign access levels to user groups at the column level.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: A
Option A, using Amazon Athena with AWS Lake Formation, is the most suitable solution. Lake Formation is designed to provide fine-grained access control to data lakes stored in S3 and integrates well with Athena, thereby meeting the requirements with the least effort. https://aws.amazon.com/blogs/big-data/anonymize-and-manage-data-in-your-data-lake-with-amazon-athena-and-aws-lake-formation/
👍 4rralucard_2024/08/02 - 正解だと思う選択肢: A
Amazon Athena to query the data and setting up AWS Lake Formation with data filters, the company can ensure that user groups can access only the personally identifiable information (PII) that they require. The combination of Athena for querying and Lake Formation for access control provides a comprehensive solution for managing PII access requirements effectively and securely
👍 3lucas_rfsb2024/10/01 Selected Answer: A The solution that will meet the requirements with the LEAST effort is:
A. Use Amazon Athena to query the data. Set up AWS Lake Formation and create data filters to establish levels of access for the company’s IAM roles. Assign each user to the IAM role that matches the user’s PII access requirements.
This option leverages AWS Lake Formation to create data filters and establish access levels for IAM roles, providing a straightforward approach to managing user access based on PII requirements.
👍 2Felix_G2024/09/03
シャッフルモード