Amazon Exam DVA-C01 Topic 6 Question 6 Discussion

Actual exam question for Amazon's DVA-C01 exam

Question #: 6
Topic #: 6

A developer has code stored in an Amazon S3 bucket The code must be deployed as an AWS Lambda function across multiple accounts in the same Region as the S3 bucket The Lambda function will be deployed using an AWS CloudFormation template that is run for each account

What is the MOST secure approach to allow access to the Lambda code in the S3 bucket?

AGrant the CloudFormation execution role S3 list and get permissions Add a bucket policy to Amazon S3 with the Pnncipal of 'AWS': [account numbers].

BGrant the CloudFormation execution role S3 get permissions Add a bucket policy to Amazon S3 with the Principal of ''.

CUse a service-based link to grant the Lambda function S3 list and get permissions by explicitly adding the S3 bucket's account number in the resource

DUse a service-based link to grant the Lambda function S3 get permissions and add a Resource of '*' to allow access to the S3 bucket.

Show Suggested Answer

Suggested Answer: A

by Eun at May 07, 2022, 10:11 PM

Limited Time Offer

25%

Off

Get Premium DVA-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!