Which solution will meet these requirements with the LEAST operational overhead?

By:
In: SAA-C03
Tagged:
With: 2 Comments
A company is building a data analysis platform on AWS by using AWS Lake Formation.The platform will ingest data from different sources such as Amazon S3 and Amazon RDS.The company needs a secure solution to prevent access to portions of the data that contain sensitive information.

Which solution will meet these requirements with the LEAST operational overhead?

Create an IAM role that includes permissions to access Lake Formation tables.

Create data filters to implement row-level security and cell-level security.

Create an AWS Lambda function that removes sensitive information before Lake Formation ingests the data.

Create an AWS Lambda function that periodically queries and removes sensitive information from Lake Formation tables.

Explanations:

IAM roles control access to resources but do not provide fine-grained data security, such as restricting access to sensitive information within a dataset.

Data filters, including row-level and cell-level security, offer a secure and efficient way to prevent unauthorized access to sensitive portions of the data while minimizing operational overhead.

Removing sensitive information before ingestion requires custom logic, introducing complexity and extra maintenance, increasing operational overhead.

Periodically removing sensitive information adds operational complexity and doesn’t provide the level of real-time access control needed for secure data access.

2026-03-16

2 Comments

  1. Melissa
    Author

    I surmise that the answer is:
    Create data filters to implement row-level security and cell-level security.

  2. Brittany
    Author

    In my experience, the answer is:
    Create data filters to implement row-level security and cell-level security.

Leave a Reply

Your email address will not be published. Required fields are marked *

two × 1 =