DOP-C02 · Question #220
DOP-C02 Question #220: Real Exam Question with Answer & Explanation
The correct answer is D: Create an S3 access point that uses the raw data's S3 bucket as the destination. For each. Explanation Option D is correct because S3 Object Lambda access points allow you to attach AWS Lambda functions to a single S3 access point, enabling different data transformations (redactions) to be applied per application without duplicating or storing multiple versions of the
Question
A company is launching an application that stores raw data in an Amazon S3 bucket. Three applications need to access the data to generate reports. The data must be redacted differently for each application before the applications can access the data. Which solution will meet these requirements?
Options
- ACreate an S3 bucket for each application. Configure S3 Same-Region Replication (SRR) from the
- BCreate an Amazon Kinesis data stream. Create an AWS Lambda function that is invoked by
- CFor each application, create an S3 access point that uses the raw data's S3 bucket as the
- DCreate an S3 access point that uses the raw data's S3 bucket as the destination. For each
Explanation
Explanation
Option D is correct because S3 Object Lambda access points allow you to attach AWS Lambda functions to a single S3 access point, enabling different data transformations (redactions) to be applied per application without duplicating or storing multiple versions of the raw data. Each application gets its own view of the data with the appropriate redaction applied dynamically at read time, all sourced from one raw S3 bucket.
Why the distractors are wrong:
- Option A (S3 SRR) creates unnecessary data duplication across multiple buckets, increasing storage costs and management complexity - and SRR doesn't natively apply redaction transformations.
- Option B (Kinesis + Lambda) is designed for real-time streaming ingestion, not for serving stored S3 objects with per-application transformations.
- Option C is a near-miss - creating a separate access point per application is partially correct, but without S3 Object Lambda attached, standard access points don't perform data redaction/transformation on retrieval.
Memory Tip: Think of S3 Object Lambda as a "filter on the way out" - raw data stays in one place, and Lambda intercepts the GET request to transform data differently for each consumer. One bucket, many views.
Topics
Community Discussion
No community discussion yet for this question.