How to Achieve Proper Authentication and Authorization Control for Kinesis Analytics Application
Question
HikeHills.com (HH) is an online specialty retailer that sells clothing and outdoor refreshment gear for trekking, go camping, boulevard biking, mountain biking, rock hiking, ice mountaineering, skiing, avalanche protection, snowboarding, fly fishing, kayaking, rafting, road and trace running, and many more. HHruns their entire online infrastructure on java based web applications running on AWS.
The HH is capturing clickstream data and use custom-build recommendation engine to recommend products which eventually improve sales, understand customer preferences and already using AWS Streaming capabilities to collect events and transaction logs and process the stream. HHis using kinesis analytics to build SQL querying capability on streaming and planning to use different types of queries to process the data.
HH need to ensure proper authentication and authorization control for kinesis analytics application needs to be enabled.
How can this be achieved? select 2 options.
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Answer: A, D.
Access to Amazon Kinesis Data Analytics requires credentials.
Those credentials must have permissions to access AWS resources, such as an Amazon Kinesis Data Analytics application or an Amazon Elastic Compute Cloud (Amazon EC2) instance.
Authentication - root user, IAM User, and IAM role thereby managing federated user access, AWS service access and Applications running on Amazon EC2
Access Control - through Permissions, policies, Actions and Resources.
https://docs.aws.amazon.com/kinesisanalytics/latest/dev/authentication-and-access-control.htmlTo ensure proper authentication and authorization control for the Kinesis Analytics application, the following two options can be used:
A. Authentication and Access to AWS resources using following identities like root user, IAM User, and IAM role thereby managing federated user access, AWS service access and Applications running on Amazon EC2
This option focuses on managing access to AWS resources such as Kinesis Analytics using different identities like the root user, IAM user, and IAM role. IAM user and role can be used to grant access to Kinesis Analytics application for specific AWS resources. This ensures that only authorized users have access to the application and resources.
IAM also allows you to manage federated user access, which means that you can allow users to access AWS resources using their existing identity such as Google or Facebook login. Applications running on Amazon EC2 instances can also be granted access to AWS resources using IAM roles.
B. Access Control using following identities like root user, IAM User, and IAM role thereby managing federated user access, AWS service access and Applications running on Amazon EC2
This option is similar to option A, but it specifically focuses on access control. Access control can be managed using different identities such as the root user, IAM user, and IAM role. IAM policies can be used to define what actions can be performed on what resources.
Policies can be attached to IAM users and roles to control their access to AWS resources. Policies can also be attached to AWS resources such as Kinesis Analytics to control access to the resource. This ensures that only authorized users have access to the application and resources.
In summary, both options focus on managing access to AWS resources, including Kinesis Analytics, using different identities and access control mechanisms such as IAM policies. These options ensure that only authorized users have access to the resources and help to maintain the security of the application and data.
