www.HadoopExam.com

HadoopExam Learning Resources

Question : 8 For DynamoDB, which statement are correct ?

Question : 8 For DynamoDB, which statement are correct ?

1.By using Proxy, it is not possible for a developer to achieve item level access control

2.By using FGAC, it is possible for a developer to achieve item level access control 

3.By using Per-Client Embedded Token, it is possible for a developer to achieve item level access control

4.By using secret key, it is possible for a developer to achieve item level access control

1.     1,2,3

2.      2,3,4

3.      1,2,4

4.      2,3,4

Ans : 1 Exp : Fine Grained Access Control (FGAC) gives a DynamoDB table owner a high degree of control over data in the table. Specifically, the table owner can indicate who (caller) can access which items or attributes of the table and perform what actions (read / write capability).  To achieve this level of control without FGAC, a developer would have to choose from a few potentially onerous approaches. Some of these are:

1.Proxy: The application client sends a request to a brokering proxy that performs the authentication and authorization.

Such a solution increases the complexity of the system architecture and can result in a higher total cost of ownership (TCO).

2.Per Client Table: Every application client is assigned its own table. Since application clients access different tables, 

they would be protected from one another. This could potentially require a developer to create millions of tables, thereby 

making database management extremely painful.

3.Per-Client Embedded Token: A secret token is embedded in the application client. The shortcoming of this is the difficulty in 

changing the token and handling its impact on the stored data. Here, the key of the items accessible by this client would contain the secret token.

You have no rights to post comments

You are here: Home AWS (Amazon WebService) AWS Sol Architect Associate Question : 8 For DynamoDB, which statement are correct ?