AWS Certified Data Engineer – Associate (DEA-C01) — Question 128

A company has implemented a lake house architecture in Amazon Redshift. The company needs to give users the ability to authenticate into Redshift query editor by using a third-party identity provider (IdP).

A data engineer must set up the authentication mechanism.

What is the first step the data engineer should take to meet this requirement?

Answer options

• A. Register the third-party IdP as an identity provider in the configuration settings of the Redshift cluster.
• B. Register the third-party IdP as an identity provider from within Amazon Redshift.
• C. Register the third-party IdP as an identity provider for AVS Secrets Manager. Configure Amazon Redshift to use Secrets Manager to manage user credentials.
• D. Register the third-party IdP as an identity provider for AWS Certificate Manager (ACM). Configure Amazon Redshift to use ACM to manage user credentials.

Correct answer: B

Explanation

The correct answer is B because the data engineer needs to register the third-party IdP directly within the Amazon Redshift service to enable authentication. Options A, C, and D are incorrect as they involve configuring the IdP in other services or areas that do not directly facilitate the authentication process in Redshift query editor.