Domain 2.3: Security Controls — AWS SAP-C02 Practice Question 45

How to approach this question

Identify the DynamoDB feature for row-level security.

Full Answer

B.Use a single DynamoDB table with a partition key that includes the Tenant ID, and use IAM condition keys (dynamodb:LeadingKeys) to restrict access.✓ Correct

Use a single DynamoDB table with a partition key that includes the Tenant ID, and use IAM condition keys (dynamodb:LeadingKeys) to restrict access.

For scalable multi-tenant DynamoDB architectures, a pooled model (single table) is preferred. Fine-grained access control using the IAM condition key 'dynamodb:LeadingKeys' ensures tenants can only access their own partition keys.

Common mistakes

Assuming separate tables are required for isolation, which hits scaling limits.

A company is designing a multi-tenant SaaS application. They need to ensure that each tenant's data is strictly isolated. They are using Amazon DynamoDB. What is the MOST scalable and secure way to implement tenant isolation?

How to approach this question

Full Answer

Common mistakes

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 2

More questions from this exam