Answer-first summary for fast verification
Answer: Assign an IAM role to Lambda with permissions for DynamoDB operations, using this role for Lambda's execution.
The most secure way to grant an AWS Lambda function access to a DynamoDB table is to use an IAM role with the appropriate permissions attached. This option avoids the security risks associated with managing and storing access keys directly. IAM roles provide temporary security credentials that are automatically rotated and managed by AWS, reducing the risk of credential leakage or misuse. Therefore, the correct answer is B: 'Assign an IAM role to Lambda with permissions for DynamoDB operations, using this role for Lambda's execution.'
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
In a serverless architecture with Amazon API Gateway, AWS Lambda, and Amazon DynamoDB, how should you grant the Lambda function secure access to read from and write to a DynamoDB table?
A
Create an IAM user for the Lambda function, assign a policy for DynamoDB access, and store access keys in the Lambda environment variables while securing the Lambda configuration.
B
Assign an IAM role to Lambda with permissions for DynamoDB operations, using this role for Lambda's execution.
C
Create an IAM user, assign DynamoDB access policy, store access keys in AWS Systems Manager, and modify Lambda code to fetch these keys for database operations.
D
Establish an IAM role with DynamoDB access permissions, integrate this role into Lambda's execution environment.