Question 16

Question

[Data Engineering]
A data scientist is using an Amazon SageMaker notebook instance and needs to securely access data
stored in a specific Amazon S3 bucket.
How should the data scientist accomplish this?

Accepted Answer

Attach the policy to the IAM role associated with the notebook that allows GetObject, PutObject,
and ListBucket operations to the specific S3 bucket.

Leo M. · Answer

I get the point about A, but I'm thinking C is correct for secure access with SageMaker roles.

CameronK · Answer

Maybe A. Granting permissions using a bucket policy directly seems like it covers access for the SageMaker notebook, right?

Jamie C. · Answer

I see why A might work since you can target the notebook ARN in a bucket policy, and that would technically allow access. But if the bucket is already locked down by VPC or has multiple principals, edge cases could make this less secure. Picking A.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE