Answer-first summary for fast verification
Answer: Create an IAM role with access to the specific S3 bucket required by the Lambda function and assign it to the Lambda function.
To ensure secure and least privilege access to the S3 bucket from the Lambda function, you should create an IAM role with access to the specific S3 bucket required by the Lambda function and assign it to the Lambda function. This approach follows the principle of least privilege by granting the Lambda function access only to the resources it needs. Option A provides excessive permissions, while options C and D are not recommended as they involve sharing credentials or using the root account, which can lead to security risks.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are working on a project that requires the use of AWS Lambda functions to process data stored in an S3 bucket. The Lambda functions need to access the S3 bucket, but you want to ensure that the access is secure and follows the principle of least privilege. Which of the following steps should you take to achieve this?
A
Create an IAM role with full access to all S3 buckets and assign it to the Lambda function.
B
Create an IAM role with access to the specific S3 bucket required by the Lambda function and assign it to the Lambda function.
C
Create an IAM user with access to the specific S3 bucket required by the Lambda function and share the access key with the Lambda function.
D
Use the root account credentials to access the S3 bucket from the Lambda function.
No comments yet.