AWS Certified Machine Learning – Specialty — Question 294

A data scientist stores financial datasets in Amazon S3. The data scientist uses Amazon Athena to query the datasets by using SQL.

The data scientist uses Amazon SageMaker to deploy a machine learning (ML) model. The data scientist wants to obtain inferences from the model at the SageMaker endpoint. However, when the data scientist attempts to invoke the SageMaker endpoint, the data scientist receives SQL statement failures. The data scientist’s IAM user is currently unable to invoke the SageMaker endpoint.

Which combination of actions will give the data scientist’s IAM user the ability to invoke the SageMaker endpoint? (Choose three.)

Answer options

• A. Attach the AmazonAthenaFullAccess AWS managed policy to the user identity.
• B. Include a policy statement for the data scientist's IAM user that allows the IAM user to perform the sagemaker:InvokeEndpoint action.
• C. Include an inline policy for the data scientist’s IAM user that allows SageMaker to read S3 objects.
• D. Include a policy statement for the data scientist’s IAM user that allows the IAM user to perform the sagemaker:GetRecord action.
• E. Include the SQL statement "USING EXTERNAL FUNCTION ml_function_name'' in the Athena SQL query.
• F. Perform a user remapping in SageMaker to map the IAM user to another IAM user that is on the hosted endpoint.

Correct answer: A, B, E

Explanation

To invoke a SageMaker endpoint from Amazon Athena, the IAM user must have the necessary Athena permissions provided by the AmazonAthenaFullAccess policy and explicit permission to run the sagemaker:InvokeEndpoint action. Additionally, the SQL query in Athena must use the USING EXTERNAL FUNCTION syntax to correctly reference and trigger the SageMaker ML model. Other options, such as sagemaker:GetRecord or S3 read permissions on the user, do not address the endpoint invocation permissions or correct SQL syntax requirements.