A gaming organization is developing a new game and would like to offer real-time competition to their users. The data architecture has the following characteristics:
✑ The game application is writing events directly to Amazon DynamoDB from the user's mobile device.
✑ Users from the website can access their statistics directly from DynamoDB.
✑ The game servers are accessing DynamoDB to update the user's information.
✑ The data science team extracts data from DynamoDB for various applications.
The engineering team has already agreed to the IAM roles and policies to use for the data science team and the application.
Which actions will provide the MOST security, while maintaining the necessary access to the website and game application? (Choose two.)

A. Use Amazon Cognito user pool to authenticate to both the website and the game application.

B. Use IAM identity federation to authenticate to both the website and the game application.

C. Create an IAM policy with PUT permission for both the website and the game application.

D. Create an IAM policy with fine-grained permission for both the website and the game application.

E. Create an IAM policy with PUT permission for the game application and an IAM policy with GET permission for the website.






 

Suggested Answer: BE






This question is in BDS-C00 AWS Certified Big Data – Specialty Exam
For getting AWS Certified Big Data – Specialty Certificate



Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.