Amazon Exam MLS-C01 Topic 6 Question 77 Discussion

Actual exam question for Amazon's MLS-C01 exam

Question #: 77
Topic #: 6

A data scientist is using an Amazon SageMaker notebook instance and needs to securely access data stored in a specific Amazon S3 bucket.

How should the data scientist accomplish this?

AAdd an S3 bucket policy allowing GetObject, PutObject, and ListBucket permissions to the Amazon SageMaker notebook ARN as principal.

BEncrypt the objects in the S3 bucket with a custom AWS Key Management Service (AWS KMS) key that only the notebook owner has access to.

CAttach the policy to the IAM role associated with the notebook that allows GetObject, PutObject, and ListBucket operations to the specific S3 bucket.

DUse a script in a lifecycle configuration to configure the AWS CLI on the instance with an access key ID and secret.

Show Suggested Answer

Suggested Answer: C

by Blondell at Jul 24, 2023, 02:06 PM

Limited Time Offer

25%

Off

Get Premium MLS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Melina

24 days ago

Okay, so basically, we need to give the notebook instance the permissions it needs to access the S3 bucket. Simple as that!

upvoted 0 times

...

Pa

25 days ago

Using the AWS CLI on the instance with an access key? That's a big no-no! Never store credentials directly on the instance.

upvoted 0 times

Alpha

8 days ago

A) Add an S3 bucket policy allowing GetObject, PutObject, and ListBucket permissions to the Amazon SageMaker notebook ARN as principal.

upvoted 0 times

...

Nadine

1 months ago

Hmm, I'm not sure about using a custom KMS key. That seems like overkill for a simple S3 access scenario.

upvoted 0 times

Jolanda

16 days ago

A) Add an S3 bucket policy allowing GetObject, PutObject, and ListBucket permissions to the Amazon SageMaker notebook ARN as principal.

upvoted 0 times

...

Margart

2 months ago

Option C is the way to go! Attaching the right IAM role to the notebook is the secure and recommended approach.

upvoted 0 times

Heidy

27 days ago

User 2: Yeah, attaching the right IAM role is the way to securely access the data.

upvoted 0 times

...

Julio

30 days ago

User 1: I think option C is the best choice.

upvoted 0 times

...

Yoko

2 months ago

I agree with Tawna, attaching the policy to the IAM role seems like the best option.

upvoted 0 times

...

Dominga

2 months ago

I disagree, I believe encrypting the objects with a custom AWS KMS key is the way to go.

upvoted 0 times

...

Tawna

2 months ago

I think the data scientist should add an S3 bucket policy to the notebook ARN.

upvoted 0 times

...