Amazon Exam BDS-C00 Topic 11 Question 89 Discussion

Actual exam question for Amazon's BDS-C00 exam

Question #: 89
Topic #: 11

Managers in a company need access to the human resources database that runs on Amazon Redshift, to run reports about their employees. Managers must only see information about their direct reports.

Which technique should be used to address this requirement with Amazon Redshift?

ADefine an IAM group for each employee as an IAM user in that group and use that to limit the access.

BUse Amazon Redshift snapshot to create one cluster per manager. Allow the managers to access only their designated clusters.

CDefine a key for each manager in AWS KMS and encrypt the data for their employees with their private keys.

DDefine a view that uses the employee's manager name to filter the records based on current user names.

Show Suggested Answer

Suggested Answer: A, D

by Stevie at Apr 10, 2024, 07:34 PM

Limited Time Offer

25%

Off

Get Premium BDS-C00 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ula

1 days ago

I'm going with option D as well. Defining a view to filter the data based on the current user's manager name seems like the most elegant and efficient solution here.

upvoted 0 times

...

Amie

3 days ago

Haha, option C is just crazy! Encrypting the data with manager-specific keys? That's like putting a padlock on a digital door. Way too much complexity for a simple access control problem.

upvoted 0 times

...

Maira

9 days ago

Option B is an interesting approach, but it seems a bit overkill for this use case. Creating a separate cluster for each manager could quickly become unwieldy and expensive.

upvoted 0 times

...

Jamal

15 days ago

I see both points, but I think option D is more practical and efficient for managing access to the human resources database.

upvoted 0 times

...

Benton

16 days ago

I disagree, I believe option A is more secure as it limits access by defining IAM groups for each employee.

upvoted 0 times

...

Frederick

19 days ago

Option D sounds like the most straightforward solution. I like how it allows managers to access only the data they need without having to manage separate clusters or encryption keys.

upvoted 0 times

...

Margart

21 days ago

I think option D is the best choice because it allows managers to only see information about their direct reports.

upvoted 0 times

...