Multiple Choice
You manage a web advertising platform on a single AWS account. This platform produces realtime ad-click data that you store as objects in an Amazon S3 bucket called "dick-data." Your advertising partners want to use Amazon Elastic MapReduce in their own AWS accounts to do analytics on the ad-click data. They have asked for immediate access to the ad-dick data so that they can run analytics. Which two choices are required to facilitate secure access to this data? (Choose two.)
A) Create a cross-account TAM role with a trust policy that contains partner AWS account IDs and a unique external ID.
B) Create a new IAM group for AWS Data Pipeline users with a trust policy that contains partner AWS account IDs.
C) Configure an Amazon S3 bucket policy for the "click-data" bucket that allows Read-Only access to the objects, and associate this policy with an IAM role.
D) Configure the Amazon S3 bucket access control list to allow access to the partners Amazon Elastic MapReduce cluster.
E) Configure AWS Data Pipeline in the partner AWS accounts to use the web Identity Federation API to access data in the "click-data" bucket.
F) Configure AWS Data Pipeline to transfer the data from the ''click-data" bucket to the partner's Amazon Elastic MapReduce cluster.
Correct Answer:
Verified
Correct Answer:
Verified
Q380: What is the maximum supported single-volume throughput
Q381: You work for a startup that has
Q382: A company must collect user consent to
Q383: An application that runs on Amazon EC2
Q384: A company is developing a web application's
Q386: A company is migrating an application to
Q387: An application running on multiple Amazon EC2
Q388: You need to perform ad-hoc analysis on
Q389: A DevOps Engineer administers an application that
Q390: You are building a game high score