Ultimate access to all questions.
Upgrade Now 🚀
Sign in to unlock AI tutor
In a company's shared AWS account, a Lambda function requires permission to perform ec2:DescribeInstances on the development accounts. How should a developer configure permissions to follow the principle of least privilege?
A
Create and configure an IAM role in the shared account with a trust relationship to development accounts and update Lambda's IAM role with necessary permissions.
B
Create and configure an IAM role in the development accounts with a trust relationship to the shared account and update Lambda's IAM role with necessary permissions.
C
Establish an IAM role in the shared account with permissions and trust for development accounts, then update Lambda's IAM role in the shared account.
D
Establish an IAM role in the development accounts with permissions and trust for the shared account, then update Lambda's IAM role in the shared account.
