Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon-DEA-C01 Exam - Topic 1 Question 17 Discussion

Actual exam question for Amazon's Amazon-DEA-C01 exam
Question #: 17
Topic #: 1
[All Amazon-DEA-C01 Questions]

A company uses Amazon Athena for one-time queries against data that is in Amazon S3. The company has several use cases. The company must implement permission controls to separate query processes and access to query history among users, teams, and applications that are in the same AWS account.

Which solution will meet these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: B

Athena workgroups are a way to isolate query execution and query history among users, teams, and applications that share the same AWS account. By creating a workgroup for each use case, the company can control the access and actions on the workgroup resource using resource-level IAM permissions or identity-based IAM policies. The company can also use tags to organize and identify the workgroups, and use them as conditions in the IAM policies to grant or deny permissions to the workgroup. This solution meets the requirements of separating query processes and access to query history among users, teams, and applications that are in the same AWS account.Reference:

Athena Workgroups

IAM policies for accessing workgroups

Workgroup example policies


by Stephen at Jul 10, 2025, 04:47 AM

Limited Time Offer

25%

Off

Get Premium Amazon-DEA-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Shawn
3 months ago
I’ve used workgroups before, they really help with separating access.
upvoted 0 times
...
Carylon
3 months ago
Wait, can you really manage permissions just with tags?
upvoted 0 times
...
Brice
3 months ago
Option B sounds like the best fit for managing permissions effectively.
upvoted 0 times
...
Ronny
3 months ago
Option D seems too complicated for just query history controls.
upvoted 0 times
...
Elvis
4 months ago
I disagree, I think option A is simpler to implement.
upvoted 0 times
...
Nobuko
4 months ago
Option D seems interesting, but I wonder if using a Glue Data Catalog resource policy is overkill for just query history. I think workgroups might be simpler.
upvoted 0 times
...
Thaddeus
4 months ago
I recall that S3 bucket policies can be restrictive, so option A might not be the best for separating access. It feels like it could lead to confusion among users.
upvoted 0 times
...
Maybelle
4 months ago
I'm not entirely sure, but I remember something about IAM roles being used for permissions. Option C might be a valid choice, but I feel like it could complicate things.
upvoted 0 times
...
Nadine
4 months ago
I think option B sounds familiar because we discussed workgroups in our last practice session. They seem to be a good way to manage permissions in Athena.
upvoted 0 times
...
Yolando
5 months ago
This seems like a classic AWS permissions management question. I'm pretty confident I can solve this one - I'll start by analyzing each option and thinking through how well it meets the stated requirements.
upvoted 0 times
...
Loreen
5 months ago
I'm a bit confused by the different options presented here. I'll need to review the AWS Athena and S3 documentation to make sure I fully understand the implications of each approach before selecting an answer.
upvoted 0 times
...
Beatriz
5 months ago
Okay, I've got a strategy in mind. I'm going to focus on the key requirements - separating query processes and access to query history among users, teams, and applications. I think option B with Athena workgroups and IAM policies might be the most flexible and scalable solution.
upvoted 0 times
...
Leonora
5 months ago
Hmm, this is a tricky one. I'm not entirely sure which solution would be the best approach here. I'll need to think through the pros and cons of each option carefully.
upvoted 0 times
...
Pansy
5 months ago
This looks like a pretty straightforward permissions management question. I think I'll start by carefully reading through the requirements to make sure I understand them fully.
upvoted 0 times
...
Lorita
7 months ago
Hmm, Option A with the S3 bucket policies feels a bit outdated. I bet the exam writers are trying to trick us with that one. I'm going with Option B.
upvoted 0 times
...
Dwight
8 months ago
I prefer option D. Creating a Glue Data Catalog resource policy for specific tables provides more granular control.
upvoted 0 times
...
Delpha
8 months ago
Option D is an interesting one, using the AWS Glue Data Catalog resource policy to manage permissions. Seems like it could be a bit more complex, but it might be the most flexible solution.
upvoted 0 times
Marguerita
6 months ago
Applying tags to the workgroup with Option B could help organize permissions effectively.
upvoted 0 times
...
Golda
6 months ago
I think creating an S3 bucket for each use case could work well too.
upvoted 0 times
...
Jennie
6 months ago
Option D is a good choice for managing permissions.
upvoted 0 times
...
...
Fletcher
8 months ago
I like the simplicity of Option C. Creating IAM roles and assigning the appropriate permissions to each one is a straightforward approach.
upvoted 0 times
Janet
6 months ago
I agree, creating IAM roles for each use case seems like a clean solution.
upvoted 0 times
...
Thaddeus
7 months ago
Option C sounds like the best choice. It's simple and effective.
upvoted 0 times
...
...
Christiane
8 months ago
I agree with Dawne. Using Athena workgroups with tags seems like a good way to manage permissions.
upvoted 0 times
...
Nguyet
8 months ago
Option B seems like the way to go. Separating the workgroups by use case and using tags to manage permissions sounds like a neat solution.
upvoted 0 times
Delmy
8 months ago
Agreed. It's important to have a structured way to control access and separate query processes.
upvoted 0 times
...
Della
8 months ago
That sounds like a good approach. It would definitely help in managing permissions effectively.
upvoted 0 times
...
Bobbye
8 months ago
B) Create an Athena workgroup for each use case. Apply tags to the workgroup. Create an IAM policy that uses the tags to apply appropriate permissions to the workgroup.
upvoted 0 times
...
...
Dawne
8 months ago
I think option B is the best solution.
upvoted 0 times
...

Save Cancel