Amazon Exam MLS-C01 Topic 6 Question 77 Discussion

Actual exam question for Amazon's MLS-C01 exam

Question #: 77
Topic #: 6

A data scientist is using an Amazon SageMaker notebook instance and needs to securely access data stored in a specific Amazon S3 bucket.

How should the data scientist accomplish this?

AAdd an S3 bucket policy allowing GetObject, PutObject, and ListBucket permissions to the Amazon SageMaker notebook ARN as principal.

BEncrypt the objects in the S3 bucket with a custom AWS Key Management Service (AWS KMS) key that only the notebook owner has access to.

CAttach the policy to the IAM role associated with the notebook that allows GetObject, PutObject, and ListBucket operations to the specific S3 bucket.

DUse a script in a lifecycle configuration to configure the AWS CLI on the instance with an access key ID and secret.

Show Suggested Answer

Suggested Answer: C

by Blondell at Jul 24, 2023, 02:06 PM

Limited Time Offer

25%

Off

Get Premium MLS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Margart

5 days ago

Option C is the way to go! Attaching the right IAM role to the notebook is the secure and recommended approach.

upvoted 0 times

...

Yoko

10 days ago

I agree with Tawna, attaching the policy to the IAM role seems like the best option.

upvoted 0 times

...

Dominga

13 days ago

I disagree, I believe encrypting the objects with a custom AWS KMS key is the way to go.

upvoted 0 times

...

Tawna

16 days ago

I think the data scientist should add an S3 bucket policy to the notebook ARN.

upvoted 0 times

...