ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Security - Specialty SCS-C02 All Questions

View all questions & answers for the AWS Certified Security - Specialty SCS-C02 exam
Go to Exam

Exam AWS Certified Security - Specialty SCS-C02 topic 1 question 1 discussion

Exam question from Amazon's AWS Certified Security - Specialty SCS-C02
Question #: 1
Topic #: 1
[All AWS Certified Security - Specialty SCS-C02 Questions]

A company has an AWS Lambda function that creates image thumbnails from larger images. The Lambda function needs read and write access to an Amazon S3 bucket in the same AWS account.
Which solutions will provide the Lambda function this access? (Choose two.)

  • A. Create an IAM user that has only programmatic access. Create a new access key pair. Add environmental variables to the Lambda function with the access key ID and secret access key. Modify the Lambda function to use the environmental variables at run time during communication with Amazon S3.
  • B. Generate an Amazon EC2 key pair. Store the private key in AWS Secrets Manager. Modify the Lambda function to retrieve the private key from Secrets Manager and to use the private key during communication with Amazon S3.
  • C. Create an IAM role for the Lambda function. Attach an IAM policy that allows access to the S3 bucket.
  • D. Create an IAM role for the Lambda function. Attach a bucket policy to the S3 bucket to allow access. Specify the function's IAM role as the principal.
  • E. Create a security group. Attach the security group to the Lambda function. Attach a bucket policy that allows access to the S3 bucket through the security group ID.
Show Suggested Answer Hide Answer
Suggested Answer: CD 🗳️
by RayHK at Oct. 4, 2023, 2:44 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Raphaello
Highly Voted 1 year, 2 months ago
CD Why the answers for many questions are categorically wrong?
upvoted 6 times
...
awssecuritynewbie
Most Recent 5 months, 2 weeks ago
Selected Answer: CD
for sure this will be the use of AWS ROLES it is simple, you attach a role to the lambda to be able to access certain S3 bucket.
upvoted 2 times
...
FunkyFresco
6 months, 2 weeks ago
Selected Answer: CD
C and D
upvoted 1 times
...
shailvardhan
9 months, 1 week ago
Selected Answer: CD
100% it is C and D
upvoted 1 times
...
leaddev
11 months, 1 week ago
C & D are the correct answers
upvoted 1 times
...
Raphaello
1 year ago
Selected Answer: CD
CD Always create execution role for your lambda function, as a best practice.
upvoted 1 times
...
aescudero51
1 year ago
Respuesta seleccionada: CD
upvoted 1 times
...
Daniel76
1 year, 3 months ago
Selected Answer: CD
Answer is CD
upvoted 3 times
...
lalee2
1 year, 4 months ago
Selected Answer: CD
same account. for ABAC IAM role w/ policy will do. RBAC requires principal
upvoted 1 times
...
pupsik
1 year, 4 months ago
Selected Answer: CD
Permission needs to be specified either from Lambda's role policy, or from S3 bucket's resource policy.
upvoted 2 times
...
KR693
1 year, 4 months ago
c and d
upvoted 2 times
...
dhax12
1 year, 4 months ago
Any type of key means a long term access. Always use IAM roles to keep access temporarily. Answer should be C&D
upvoted 2 times
...
RayHK
1 year, 5 months ago
vote for C and D
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago