AWS Certified AI Practitioner Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the AWS Certified AI Practitioner Exam with flashcards and multiple choice questions. Each question includes hints and explanations to help you succeed on your test. Get ready for certification!

Practice this question and more.

What must be ensured for a foundation model on Amazon Bedrock to access encrypted data in an S3 bucket?

Set public access for S3 buckets
Ensure the role has permission to decrypt data
Use prompt engineering techniques
Make sure S3 data is non-sensitive

The correct answer is: Ensure the role has permission to decrypt data

For a foundation model on Amazon Bedrock to access encrypted data in an S3 bucket, it is essential that the role has permission to decrypt that data. This is because encrypted data requires specific keys or permissions to be accessed. When data is stored in S3 as encrypted, it uses AWS Key Management Service (KMS) or server-side encryption with S3-managed keys, which necessitate the proper IAM policies being in place. Ensuring that the role has the necessary permissions to decrypt the data is a crucial step in maintaining security and accessibility for applications that rely on that data. Without the appropriate decryption permissions, even if the model is able to access the S3 bucket, it would be unable to read the encrypted data, rendering it unusable. The other options either compromise security or do not pertain to the fundamental requirement of accessing encrypted data. Public access would expose data to anyone on the internet, which is not a best practice for sensitive information. Prompt engineering techniques are related to how data is presented or formatted for model input and do not influence data access permissions. Finally, ensuring S3 data is non-sensitive does not address the specific need for authorization to decrypt and access sensitive or encrypted content.