Answer-first summary for fast verification
Answer: Create an IAM role with the minimum required permissions for the SageMaker model to access the specific S3 bucket containing the input data, and assign it to the SageMaker model.
To ensure secure and least privilege access for the SageMaker model to access the input data stored in Amazon S3, you should create an IAM role with the minimum required permissions for the SageMaker model to access the specific S3 bucket containing the input data, and assign it to the SageMaker model. This approach follows the principle of least privilege by granting the SageMaker model access only to the resources it needs. Option A provides excessive permissions, while options C and D are not recommended as they involve modifying bucket policies or using the root account, which can lead to security risks.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company is implementing a new machine learning model using Amazon SageMaker. You need to ensure that the model has the necessary permissions to access the input data stored in Amazon S3. Which of the following steps should you take to achieve this?
A
Create an IAM role with full access to all S3 buckets and assign it to the SageMaker model.
B
Create an IAM role with the minimum required permissions for the SageMaker model to access the specific S3 bucket containing the input data, and assign it to the SageMaker model.
C
Modify the S3 bucket policy to allow access from the SageMaker service.
D
Use the root account credentials to configure the SageMaker model to access the S3 data.