Buy Any Product & Get Flat 15% OFF | Use Coupon - WHIZSITE

Redshift permission with view


#1

Managers in a company need access to the human resources database that runs on Amazon Redshift, to run reports about their employees. Managers must only see information about their direct reports. Which technique should be used to address this requirement with Amazon Redshift?

A. Define an IAM group for each manager with each employee as an IAM user in that group, and use that to limit the access.
B. Use Amazon Redshift snapshot to create one cluster per manager. Allow the manager to access only their designated clusters.
C. Define a key for each manager in AWS KMS and encrypt the data for their employees with their private keys.
D. Define a view that uses the employee’s manager name to filter the records based on current user names.

Could view solve above problem?


#2

Where are you getting these questions from?


#3

Hi zanhsieh,
Option A seems to be the optimal choice. You will find more examples for IAM policies in the following link.
https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html#redshift-iam-accesscontrol.examples
Regards


#4

@devip Thanks for reply. I thought Redshift suppose like PostgreSQL, which IAM only could limit what we operate with the Redshift cluster, not actually define what the user could see (e.g. the table).


#5

Zanhsieh you must have found the same questions I did. Many of these are wrong, I found 19 that I thought were wrong. I sent an email to them and they said that are checking but no response yet.
I think the correct answer here is view.


#6

@zanhsieh @tom I have stumbled across this page as i have also noticed alot of the questions discussed here have correct answers compared to the question pool solutions. Any chance you could list more?