Question 26:
You have just developed a new mobile application that handles analytics workloads on large-scale datasets stored on Amazon Redshift. Consequently, the application needs to access Amazon Redshift tables. Your company is asking to expand the scope of the application. Which of the following methods would be the best, both practically and security-wise, to access the tables? Choose the correct answer from the options below.
Answer options:
A.Create an IAM user and generate encryption keys for that user. Create a policy for Redshift read-only access. Embed the keys in the application. B.Create an HSM client certificate in Redshift and authenticate using this certificate. C.Create a Redshift read-only access policy in IAM and embed those credentials in the application. D.Use roles that allow a web identity federated user to assume a role that allows access to the Redshift table by providing temporary credentials.