AWS Certified Solutions Architect – Associate (SAA-C03) — Question 331

An ecommerce company stores terabytes of customer data in the AWS Cloud. The data contains personally identifiable information (PII). The company wants to use the data in three applications. Only one of the applications needs to process the PII. The PII must be removed before the other two applications process the data.

Which solution will meet these requirements with the LEAST operational overhead?

Answer options

• A. Store the data in an Amazon DynamoDB table. Create a proxy application layer to intercept and process the data that each application requests.
• B. Store the data in an Amazon S3 bucket. Process and transform the data by using S3 Object Lambda before returning the data to the requesting application.
• C. Process the data and store the transformed data in three separate Amazon S3 buckets so that each application has its own custom dataset. Point each application to its respective S3 bucket.
• D. Process the data and store the transformed data in three separate Amazon DynamoDB tables so that each application has its own custom dataset. Point each application to its respective DynamoDB table.

Correct answer: B

Explanation

Amazon S3 Object Lambda allows the company to use AWS Lambda functions to automatically redact PII from the data on-the-fly as it is retrieved, requiring no duplicate datasets and minimal management. Options C and D introduce high operational overhead and increased storage costs by duplicating and maintaining three separate datasets. Option A requires building and maintaining a custom proxy application layer, which is operationally complex compared to using a native AWS managed service.