Which solution will meet these requirements with the LEAST operational overhead?
Create an IAM role that includes permissions to access Lake Formation tables.
Create data filters to implement row-level security and cell-level security.
Create an AWS Lambda function that removes sensitive information before Lake Formation ingests the data.
Create an AWS Lambda function that periodically queries and removes sensitive information from Lake Formation tables.
Explanations:
IAM roles control access to resources but do not provide fine-grained data security, such as restricting access to sensitive information within a dataset.
Data filters, including row-level and cell-level security, offer a secure and efficient way to prevent unauthorized access to sensitive portions of the data while minimizing operational overhead.
Removing sensitive information before ingestion requires custom logic, introducing complexity and extra maintenance, increasing operational overhead.
Periodically removing sensitive information adds operational complexity and doesn’t provide the level of real-time access control needed for secure data access.