Answer-first summary for fast verification
Answer: Set up AWS Lake Formation. Define security policy-based rules for the users and applications by IAM role in Lake Formation.
AWS Lake Formation provides a centralized way to define fine-grained, column-level, and row-level access controls for data stored in Amazon S3 and accessed via Amazon Athena. This solves the challenge of configuring complex column-level data access simply using IAM roles.
Author: Ritesh Yadav
Ultimate access to all questions.
A company has a data lake on AWS. The data lake ingests sources of data from business units. The company uses Amazon Athena for queries. The storage layer is Amazon S3 with an AWS Glue Data Catalog as a metadata repository. The company wants to make the data available to data scientists and business analysts. However, the company first needs to manage fine-grained, column-level data access for Athena based on the user roles and responsibilities. Which solution will meet these requirements?
A
Set up AWS Lake Formation. Define security policy-based rules for the users and applications by IAM role in Lake Formation.
B
Define an IAM resource-based policy for AWS Glue tables. Attach the same policy to IAM user groups.
C
Define an IAM identity-based policy for AWS Glue tables. Attach the same policy to IAM roles. Associate the IAM roles with IAM groups that contain the users.
No comments yet.