AWS Certified Solutions Architect - Associate
Get started today
Ultimate access to all questions.
In a serverless architecture with Amazon API Gateway, AWS Lambda, and Amazon DynamoDB, how should you grant the Lambda function secure access to read from and write to a DynamoDB table?
In a serverless architecture with Amazon API Gateway, AWS Lambda, and Amazon DynamoDB, how should you grant the Lambda function secure access to read from and write to a DynamoDB table?
Explanation:
The most secure way to grant an AWS Lambda function access to a DynamoDB table is to use an IAM role with the appropriate permissions attached. This option avoids the security risks associated with managing and storing access keys directly. IAM roles provide temporary security credentials that are automatically rotated and managed by AWS, reducing the risk of credential leakage or misuse. Therefore, the correct answer is B: 'Assign an IAM role to Lambda with permissions for DynamoDB operations, using this role for Lambda's execution.'