Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam DOP-C02 Topic 5 Question 35 Discussion

Actual exam question for Amazon's DOP-C02 exam
Question #: 35
Topic #: 5
[All DOP-C02 Questions]

A DevOps learn has created a Custom Lambda rule in AWS Config. The rule monitors Amazon Elastic Container Repository (Amazon ECR) policy statements for ecr:' actions. When a noncompliant repository is detected, Amazon EventBridge uses Amazon Simple Notification Service (Amazon SNS) to route the notification to a security team.

When the custom AWS Config rule is evaluated, the AWS Lambda function fails to run.

Which solution will resolve the issue?

Show Suggested Answer Hide Answer
Suggested Answer: A

This corresponds to Option A: Modify the Lambda function's resource policy to grant AWS Config permission to invoke the function.

Contribute your Thoughts:

Ariel
2 months ago
Hold up, what if the Lambda function is also responsible for publishing to the SNS topic? Then B might be the solution. Gotta love these tricky AWS exam questions!
upvoted 0 times
...
Tenesha
2 months ago
Haha, I bet the person who wrote this question was just trying to trick us. A is the clear winner here, no need to overcomplicate things.
upvoted 0 times
Shay
28 days ago
C) Modify the Lambda function's execution role to include configuration changes for custom AWS Config rules.
upvoted 0 times
...
Garry
1 months ago
B) Modify the SNS topic policy to include configuration changes for EventBridge to publish to the SNS topic.
upvoted 0 times
...
Holley
1 months ago
Definitely, no need to overthink it. A is the clear winner.
upvoted 0 times
...
Nan
1 months ago
A) Modify the Lambda function's resource policy to grant AWS Config permission to invoke the function.
upvoted 0 times
...
Lonny
1 months ago
I agree, A is the best solution. Simple and straightforward.
upvoted 0 times
...
Mee
1 months ago
A) Modify the Lambda function's resource policy to grant AWS Config permission to invoke the function.
upvoted 0 times
...
...
Marquetta
2 months ago
I also think modifying the Lambda function's resource policy is the correct solution. It makes sense to grant AWS Config permission to invoke the function.
upvoted 0 times
...
Helaine
2 months ago
I agree with Levi. Without the permission, AWS Config cannot trigger the Lambda function, causing the evaluation to fail.
upvoted 0 times
...
Wai
2 months ago
Hmm, I'm not sure. Wouldn't D also work? Giving AWS Config access to the ECR API actions might be another way to resolve the problem.
upvoted 0 times
...
Levi
2 months ago
I think the solution is to modify the Lambda function's resource policy to grant AWS Config permission to invoke the function.
upvoted 0 times
...
Avery
2 months ago
I think C is the way to go. Modifying the Lambda function's execution role to include the necessary permissions for the custom Config rule should do the trick.
upvoted 0 times
Jess
2 months ago
D: I agree. Without the necessary permissions, the Lambda function won't be able to run when triggered by AWS Config.
upvoted 0 times
...
Sabra
2 months ago
C: A sounds like the correct solution. Granting AWS Config permission to invoke the function is crucial for it to work properly.
upvoted 0 times
...
Fausto
2 months ago
B: That makes sense. It's important to ensure that AWS Config has the permission to invoke the Lambda function.
upvoted 0 times
...
Leah
2 months ago
A: I think C is the way to go. Modifying the Lambda function's execution role to include the necessary permissions for the custom Config rule should do the trick.
upvoted 0 times
...
...
India
2 months ago
The solution is definitely A. AWS Config needs permission to invoke the Lambda function, and that's what the resource policy is for. Anything else won't fix the issue.
upvoted 0 times
Kent
1 months ago
C: Definitely, without granting permission, AWS Config can't trigger the Lambda function.
upvoted 0 times
...
Socorro
1 months ago
B: Yeah, modifying the Lambda function's resource policy is the way to go.
upvoted 0 times
...
Dyan
2 months ago
A: I think the solution is A. AWS Config needs permission to invoke the Lambda function.
upvoted 0 times
...
...

Save Cancel