A security engineer is troubleshooting an AWS Lambda function that is named MyLambdaFunction. The function is encountering an error when the function attempts to read the objects in an Amazon S3 bucket that is named DOC-EXAMPLE-BUCKET. The S3 bucket has the following bucket policy:
Which change should the security engineer make to the policy to ensure that the Lambda function can read the bucket objects?
A. Remove the Condition element. Change the Principal element to the following:
B. Change the Action element to the following:
C. Change the Resource element to "arn:aws:s3:::DOC-EXAMPLE- BUCKET/*''.
D. Change the Resource element to "arn:aws:lambda:::function:MyLambdaFunction". Change the Principal element to the following:
Â
Suggested Answer: B
Community Answer: C
This question is in SCS-C02 AWS Certified Security – Specialty Exam
For getting AWS Certified Security – Specialty Certificate
Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exam.
