Crucial Exams

AWS Certified Data Engineer Associate DEA-C01 Practice Question

A data engineer is building an Amazon MWAA environment in two private subnets that lack internet or a NAT gateway. DAGs, plugins, and requirements.txt are stored in an Amazon S3 bucket in the same Region. Creation fails, and CloudWatch Logs show time-outs when connecting to s3.amazonaws.com. The company must fix the problem without exposing the subnets to the internet. What should they do?

  • Add s3:GetObject and s3:ListBucket permissions to the MWAA execution role.

  • Enable cross-origin resource sharing (CORS) on the S3 bucket that stores the DAGs.

  • Create a gateway VPC endpoint for Amazon S3 and add it to the route tables of the private subnets.

  • Attach an internet gateway to the VPC and add a 0.0.0.0/0 route to the private subnets.

AWS Certified Data Engineer Associate DEA-C01
Data Operations and Support
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot