{"id":303,"date":"2022-02-09T05:50:38","date_gmt":"2022-02-09T05:50:38","guid":{"rendered":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question237\/"},"modified":"2022-02-09T05:50:38","modified_gmt":"2022-02-09T05:50:38","slug":"aws-certified-security-specialty-scs-c01-question237","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/aws\/Security-Specialty_SCS-C01\/aws-certified-security-specialty-scs-c01-question237\/","title":{"rendered":"AWS Certified Security – Specialty SCS-C01 – Question237"},"content":{"rendered":"
A developer is building a serverless application hosted on AWS that uses Amazon Redshift as a data store.
\nThe application has separate module for read\/write and read-only functionality. The modules need their own database users for compliance reasons.
\nWhich combination of steps should a security engineer implement to grant appropriate access? (Choose two.)

A.<\/strong> Configure cluster security groups for each application module to control access to database users that are required for read-only and read-write.
B.<\/strong> Configure a VPC endpoint for Amazon Redshift. Configure an endpoint policy that maps database users to each application module, and allow access to the tables that are required for read-only and read\/ write.
C.<\/strong> Configure an IAM policy for each module. Specify the ARN of an Amazon Redshift database user that allows the GetClusterCredentials API call.
D.<\/strong> Create local database users for each module.
E.<\/strong> Configure an IAM policy for each module. Specify the ARN of an IAM user that allows the GetClusterCredentials API call.<\/div>\n

<\/p>\n