A development team is engaged in developing an AWS Lambda function that interacts with a DynamoDB table. The specific functionality of this Lambda function involves performing an "upsert" operation. This operation entails either retrieving an existing item and updating certain attributes or creating a new item if it does not already exist in the table.

Which of the following options outlines the minimal IAM permissions necessary for the Lambda function to successfully carry out this upsert operation?