Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 165 discussion

An application that runs on AWS Lambda requires access to specific highly confidential objects in an Amazon S3 bucket. In accordance with the principle of least privilege, a company grants access to the S3 bucket by using only temporary credentials.

How can a developer configure access to the S3 bucket in the MOST secure way?

  • A. Hardcode the credentials that are required to access the S3 objects in the application code. Use the credentials to access the required S3 objects.
  • B. Create a secret access key and access key ID with permission to access the S3 bucket. Store the key and key ID in AWS Secrets Manager. Configure the application to retrieve the Secrets Manager secret and use the credentials to access the S3 objects.
  • C. Create a Lambda function execution role. Attach a policy to the role that grants access to specific objects in the S3 bucket.
  • D. Create a secret access key and access key ID with permission to access the S3 bucket. Store the key and key ID as environment variables in Lambda. Use the environment variables to access the required S3 objects.
Suggested Answer: C
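
Option C expressed as policy documents, as an added example that is not part of the original question or discussion: the trust policy lets the Lambda service assume the execution role (the source of the temporary credentials), and the permissions policy names individual objects. The bucket name, object keys and the `findings` checker are assumptions made up for illustration.

```python
import json

# Constructed placeholders (assumptions): bucket name and object keys.
BUCKET = "example-confidential-bucket"
KEYS = ["reports/2024/q1.pdf", "reports/2024/q2.pdf"]

# Trust policy: the Lambda service assumes the execution role, so the
# function receives short-lived credentials instead of stored access keys.
TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                   "Principal": {"Service": "lambda.amazonaws.com"}}],
}

def object_policy(bucket, keys, actions=("s3:GetObject",)):
    """Permissions policy scoped to the named objects only."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Action": list(actions),
        "Resource": [f"arn:aws:s3:::{bucket}/{k}" for k in keys],
    }]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def findings(policy):
    """Flag Allow statements that are broader than named S3 objects."""
    out = []
    for i, st in enumerate(as_list(policy["Statement"])):
        if st.get("Effect") != "Allow":
            continue
        for a in as_list(st.get("Action", [])):
            if "*" in a:
                out.append(f"statement {i}: wildcard action {a!r}")
        for r in as_list(st.get("Resource", [])):
            if "*" in r or "?" in r:
                out.append(f"statement {i}: wildcard resource {r!r}")
            elif r.startswith("arn:aws:s3:::") and "/" not in r.split(":::", 1)[1]:
                out.append(f"statement {i}: bucket-level resource {r!r}")
    return out

# Constructed over-broad policy, for comparison with the scoped one.
BROAD = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "s3:*",
    "Resource": f"arn:aws:s3:::{BUCKET}/*"}}

if __name__ == "__main__":
    print(json.dumps(object_policy(BUCKET, KEYS), indent=2))
    print(findings(BROAD))
```
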

Comments

dilleman
Highly Voted 1 year, 1 month ago
Selected Answer: C
C should be correct: https://docs.aws.amazon.com/lambda/latest/operatorguide/least-privilege.html
upvoted 12 times
...
Digo30sp
Highly Voted 1 year, 1 month ago
Selected Answer: B
The correct answer is (B). Option (B) is the most secure way to configure S3 bucket access because the credentials are stored in a safe and secure location. AWS Secrets Manager uses public key cryptography to protect stored secrets.
upvoted 6 times
dezoito
1 year, 1 month ago
B goes against the least privilege principle because it gives access to the whole bucket
upvoted 5 times
aws_god
2 weeks, 1 day ago
It states: "grants access to specific objects in the S3 bucket" so it will not give access to the whole bucket
upvoted 1 times
...
Melisa202401
7 months, 1 week ago
Store credentials in AWS Secrets Manager, it will be rotated => so it complies with the least privilege principle!
upvoted 1 times
...
...
...
65703c1
Most Recent 5 months, 3 weeks ago
Selected Answer: C
C is the correct answer.
upvoted 1 times
...
SerialiDr
10 months ago
Selected Answer: C
This is the most secure and recommended approach. By attaching an IAM policy to the Lambda execution role that grants access only to the specific S3 objects needed, you adhere to the principle of least privilege. This method also uses AWS's built-in mechanism for providing temporary credentials to the Lambda function, eliminating the need to manage access keys.
upvoted 2 times
...
LemonGremlin
1 year ago
Selected Answer: C
C. Create a Lambda function execution role. Attach a policy to the role that grants access to specific objects in the S3 bucket.
upvoted 4 times
...