Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon MLS-C01 Exam - Topic 6 Question 77 Discussion

A data scientist is using an Amazon SageMaker notebook instance and needs to securely access data stored in a specific Amazon S3 bucket.How should the data scientist accomplish this?
C) Attach the policy to the IAM role associated with the notebook that allows GetObject, PutObject, and ListBucket operations to the specific S3 bucket.
A) Add an S3 bucket policy allowing GetObject, PutObject, and ListBucket permissions to the Amazon SageMaker notebook ARN as principal.
B) Encrypt the objects in the S3 bucket with a custom AWS Key Management Service (AWS KMS) key that only the notebook owner has access to.
D) Use a script in a lifecycle configuration to configure the AWS CLI on the instance with an access key ID and secret.

Amazon MLS-C01 Exam - Topic 6 Question 77 Discussion

Actual exam question for Amazon's MLS-C01 exam
Question #: 77
Topic #: 6
[All MLS-C01 Questions]

A data scientist is using an Amazon SageMaker notebook instance and needs to securely access data stored in a specific Amazon S3 bucket.

How should the data scientist accomplish this?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Blondell at Jul 24, 2023, 02:06 PM

Limited Time Offer

25%

Off

Get Premium MLS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Luther
6 months ago
I agree with C, it's the best practice for permissions!
upvoted 0 times
...
Levi
7 months ago
Definitely not B, encryption alone won't grant access.
upvoted 0 times
...
Isabelle
7 months ago
Wait, can you really just use a script for access keys? Sounds risky!
upvoted 0 times
...
Suzi
7 months ago
I think A is also a valid choice, but C seems safer.
upvoted 0 times
...
Reuben
7 months ago
Option C is the way to go! Attach that IAM role.
upvoted 0 times
...
Darrin
7 months ago
I was leaning towards option B at first, but encrypting the objects doesn't really help with access permissions, right? So maybe it’s not the best answer.
upvoted 0 times
...
Anastacia
8 months ago
I practiced a similar question, and I feel like option D could be risky since it involves hardcoding access keys. That doesn't seem secure.
upvoted 0 times
...
Belen
8 months ago
I'm not entirely sure, but I remember something about bucket policies being less secure than IAM roles. Maybe option A isn't the best choice?
upvoted 0 times
...
Ezekiel
8 months ago
I think option C sounds right because it mentions attaching a policy to the IAM role, which is how permissions are usually managed in AWS.
upvoted 0 times
...
Nilsa
8 months ago
No problem, I've done this before. I'll just follow the steps in the explanation and insert the citation placeholder at the end of the second paragraph.
upvoted 0 times
...
Aleta
8 months ago
This seems straightforward enough. I'd start by enabling SSO, then make sure the IDP is configured correctly and that MFA is enabled. Integrating Marketing Cloud is the final piece to tie it all together.
upvoted 0 times
...
Magdalene
8 months ago
I'm not sure about this one. The wording is a bit tricky and I'm not confident I understand what they're asking for. Maybe I should review the time value of money concepts before attempting to solve this.
upvoted 0 times
...
Melina
1 year ago
Okay, so basically, we need to give the notebook instance the permissions it needs to access the S3 bucket. Simple as that!
upvoted 0 times
...
Pa
1 year ago
Using the AWS CLI on the instance with an access key? That's a big no-no! Never store credentials directly on the instance.
upvoted 0 times
Sue
11 months ago
Using the AWS CLI on the instance with an access key? That's a big no-no! Never store credentials directly on the instance.
upvoted 0 times
...
Alisha
12 months ago
Using the AWS CLI on the instance with an access key? That's a big no-no! Never store credentials directly on the instance.
upvoted 0 times
...
Amalia
12 months ago
C) Attach the policy to the IAM role associated with the notebook that allows GetObject, PutObject, and ListBucket operations to the specific S3 bucket.
upvoted 0 times
...
Zona
12 months ago
C) Attach the policy to the IAM role associated with the notebook that allows GetObject, PutObject, and ListBucket operations to the specific S3 bucket.
upvoted 0 times
...
Apolonia
12 months ago
A) Add an S3 bucket policy allowing GetObject, PutObject, and ListBucket permissions to the Amazon SageMaker notebook ARN as principal.
upvoted 0 times
...
Alpha
1 year ago
A) Add an S3 bucket policy allowing GetObject, PutObject, and ListBucket permissions to the Amazon SageMaker notebook ARN as principal.
upvoted 0 times
...
...
Nadine
1 year ago
Hmm, I'm not sure about using a custom KMS key. That seems like overkill for a simple S3 access scenario.
upvoted 0 times
Eura
12 months ago
I agree, using a custom KMS key does seem like overkill for this situation.
upvoted 0 times
...
Hollis
1 year ago
C) Attach the policy to the IAM role associated with the notebook that allows GetObject, PutObject, and ListBucket operations to the specific S3 bucket.
upvoted 0 times
...
Jolanda
1 year ago
A) Add an S3 bucket policy allowing GetObject, PutObject, and ListBucket permissions to the Amazon SageMaker notebook ARN as principal.
upvoted 0 times
...
...
Margart
1 year ago
Option C is the way to go! Attaching the right IAM role to the notebook is the secure and recommended approach.
upvoted 0 times
Heidy
1 year ago
User 2: Yeah, attaching the right IAM role is the way to securely access the data.
upvoted 0 times
...
Julio
1 year ago
User 1: I think option C is the best choice.
upvoted 0 times
...
...
Yoko
1 year ago
I agree with Tawna, attaching the policy to the IAM role seems like the best option.
upvoted 0 times
...
Dominga
1 year ago
I disagree, I believe encrypting the objects with a custom AWS KMS key is the way to go.
upvoted 0 times
...
Tawna
1 year ago
I think the data scientist should add an S3 bucket policy to the notebook ARN.
upvoted 0 times
...

Save Cancel