New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon AIF-C01 Exam - Topic 3 Question 13 Discussion

Actual exam question for Amazon's AIF-C01 exam
Question #: 13
Topic #: 3
[All AIF-C01 Questions]

A company wants to develop a large language model (LLM) application by using Amazon Bedrock and customer data that is uploaded to Amazon S3. The company's security policy states that each team can access data for only the team's own customers.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Nour Abdelhalim at Oct 28, 2024, 03:52 PM

Limited Time Offer

25%

Off

Get Premium AIF-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Curtis
3 months ago
D could work too, but it feels a bit complicated for team management.
upvoted 0 times
...
Eileen
3 months ago
Wait, can one role really handle all that access? Sounds risky!
upvoted 0 times
...
Adrianna
3 months ago
I’m not sure about A, though. What if teams need to collaborate?
upvoted 0 times
...
Sherron
4 months ago
I agree, A is definitely the most straightforward solution.
upvoted 0 times
...
Dean
4 months ago
Option A seems like the safest bet for data security.
upvoted 0 times
...
Brock
4 months ago
Option B feels a bit risky to me. Relying on teams to specify customer names could lead to mistakes or unauthorized access. I think we need stricter controls.
upvoted 0 times
...
Ranee
4 months ago
I’m leaning towards option C, but I’m not completely confident. Redacting data sounds good, but I’m not sure if it fully meets the access control requirement.
upvoted 0 times
...
Kenny
4 months ago
I remember a practice question where we had to restrict access based on user roles. Option D seems similar, but I wonder if having one role for Bedrock is a security risk.
upvoted 0 times
...
Shantay
5 months ago
I think option A makes sense because it provides each team with a custom role, but I'm not sure if managing multiple roles would be efficient.
upvoted 0 times
...
Colene
5 months ago
Option D seems like it could work - having one Bedrock role with full S3 access, then using IAM roles to restrict each team to their own folders. That could be a good solution.
upvoted 0 times
...
Sabra
5 months ago
I'm a bit confused by the different options. I'll need to re-read the question and think through the implications of each approach.
upvoted 0 times
...
Edelmira
5 months ago
Option A looks promising - creating separate roles for each team to access their own customer data. That would meet the security policy.
upvoted 0 times
...
Jose
5 months ago
This seems like a tricky security question. I'll need to carefully consider the requirements and think through the options.
upvoted 0 times
...
Buffy
1 year ago
Haha, imagine the chaos if we gave one role full S3 access. D is the clear winner here, in my opinion.
upvoted 0 times
...
Antonio
1 year ago
B is a creative approach, but asking teams to specify the customer name on every request feels error-prone. I'd stick with a more robust solution.
upvoted 0 times
Refugia
1 year ago
D) Create one Amazon Bedrock role that has full Amazon S3 access. Create IAM roles for each team that have access to only each team's customer folders.
upvoted 0 times
...
Jenelle
1 year ago
A) Create an Amazon Bedrock custom service role for each team that has access to only the team's customer data.
upvoted 0 times
...
...
Ora
1 year ago
I think option B could work too, as long as teams are diligent in specifying customer names.
upvoted 0 times
...
Fletcher
1 year ago
I agree with Barb, option D seems like the most secure choice.
upvoted 0 times
...
Barb
1 year ago
I disagree, I believe option D is more efficient.
upvoted 0 times
...
Brittni
1 year ago
I think option A is the best solution.
upvoted 0 times
...
Noemi
1 year ago
C is interesting, but redacting data might be overkill. I'd go with A or D to be safe.
upvoted 0 times
...
Paola
1 year ago
Option A seems like the way to go. Keep it simple and secure for each team.
upvoted 0 times
Aracelis
1 year ago
I think option A is better. It's more specific and secure for each team.
upvoted 0 times
...
Jade
1 year ago
D) Create one Amazon Bedrock role that has full Amazon S3 access. Create IAM roles for each team that have access to only each team's customer folders.
upvoted 0 times
...
Fanny
1 year ago
That sounds like a good solution. It keeps data secure for each team.
upvoted 0 times
...
Ivette
1 year ago
A) Create an Amazon Bedrock custom service role for each team that has access to only the team's customer data.
upvoted 0 times
...
...

Save Cancel