Answer-first summary for fast verification
Answer: By scripting to add AWS_IAM auth type URLs for Lambda and creating an identity-based policy granting lambda:InvokeFunctionUrl to all Lambda ARNs, then attaching to the QA group.
Option A is the correct answer because it leverages AWS IAM authentication (AWS_IAM auth type) for Lambda function URLs, ensuring only authenticated and authorized IAM entities in the QA IAM group can invoke the Lambda functions. The approach involves creating a script to loop through the Lambda functions to add URLs with AWS_IAM auth type and another script to create an IAM identity-based policy that grants the lambda:InvokeFunctionUrl action. This policy is then attached to the QA IAM group, allowing controlled and secure access according to AWS best practices.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can a developer configure hundreds of AWS Lambda functions for QA team testing using public URLs, ensuring that only the QA IAM group can invoke them?
A
By scripting to add AWS_IAM auth type URLs for Lambda and creating an identity-based policy granting lambda:InvokeFunctionUrl to all Lambda ARNs, then attaching to the QA group.
B
By scripting to add NONE auth type URLs for Lambda and creating a resource-based policy granting lambda:InvokeFunctionUrl to all Lambda ARNs, then attaching to the QA group.
C
By scripting to add AWS_IAM auth type URLs for each Lambda and individually creating identity-based policies granting lambda:InvokeFunctionUrl from the QA group's ARN.
D
By scripting to add NONE auth type URLs for each Lambda and individually creating resource-based policies granting lambda:InvokeFunctionUrl from the QA group's ARN.
No comments yet.