AWS Certified Data Engineer Associate DEA-C01 Practice Question
Your company operates an Amazon Redshift RA3 cluster in Account A. The finance.orders table must be shared with a partner in Account B, but the partner may see only the invoice_id, order_date, and amount columns. Copying data to Amazon S3 is prohibited. Near-real-time queries, centralized auditing, and fast revocation of column privileges are required. Which approach meets these requirements?
Register the producer cluster with AWS Lake Formation, create a datashare that contains a view exposing only the required columns, grant SELECT on the view to the partner's IAM role in Lake Formation, and share the datashare with Account B; the partner creates a database FROM DATASHARE and queries the view.
Create a Redshift datashare containing the full orders table, grant USAGE ON DATASHARE directly to Account B, and have the partner create a view that hides the sensitive columns in its consumer cluster.
Use UNLOAD to export the orders table to an encrypted Amazon S3 bucket that is shared with Account B, restrict access with an S3 bucket policy and access points, and let the partner query the files with Amazon Redshift Spectrum.
Create an AWS Glue job that copies the orders data into a Redshift cluster in Account B every hour, grant SELECT on the replica table to the partner role, and rely on AWS CloudTrail logs for auditing.
Using Amazon Redshift data sharing governed by AWS Lake Formation keeps the data in Redshift managed storage, so no S3 copy is required, and queries see live, transactionally consistent data. Registering the producer cluster with Lake Formation and sharing a datashare that contains a view (or Lake Formation column filters) lets administrators grant, audit, and revoke column-level permissions from a single location. The other approaches either copy data to S3, rely on scheduled ETL, or give the consumer full-table access, so they violate the compliance, latency, or least-privilege requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Amazon Redshift data sharing?
Open an interactive chat with Bash
What is the role of AWS Lake Formation in data sharing?
Open an interactive chat with Bash
How does creating a view help with column-level access in Redshift?
Open an interactive chat with Bash
What is AWS Lake Formation, and why is it used in this Redshift data-sharing solution?
Open an interactive chat with Bash
What is a Redshift datashare, and how does it differ from copying data to S3?
Open an interactive chat with Bash
Why was a view used in the selected solution, and how does it ensure data security?
Open an interactive chat with Bash
AWS Certified Data Engineer Associate DEA-C01
Data Security and Governance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .