DEA-C01 · Question #273
DEA-C01 Question #273: Real Exam Question with Answer & Explanation
Sign in or unlock DEA-C01 to reveal the answer and full explanation for question #273. The question stem and answer options stay visible for context.
Question
A company that operates globally must follow regulations that require data from an AWS Region to be accessible only within that Region. A data engineer is creating a data pipeline that will create resources in the Region where the data engineer works. The data pipeline should have access to data only from the Region where the data engineer works. The pipeline uses Active Directory as an identity and authentication system. The pipeline uses a custom identity broker application to verify that employees are signed in to Active Directory and to obtain temporary credentials by using the AssumeRole API operation. Which solution will meet the locality requirements with the LEAST administrative effort?
Options
- ACreate an IAM role that has permissions to create resources. Create a policy for each Region that
- BCreate an IAM role for data engineers in each Region separately. Instruct each data engineer to
- CCreate an IAM group for each Region. Include the required IAM policies for each IAM group. Add
- DCreate individual IAM policies that allow users to create resources in a specific Region. Assign
Unlock DEA-C01 to see the answer
You've previewed enough free DEA-C01 questions. Unlock DEA-C01 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.