Home / Amazon / SAA-C01 / Question 262

A solutions Architect is designing a new workload where an AWS Lambda function will access an Amazon DynamoDB table.What is the MOST secure means of granting the Lambda function access to the DynamoDB table?

• Create an identity and access management (IAM) role with the necessary permissions to access the DynamoDB table, and assign the role to the Lambda function.

• Create a DynamoDB user name and password and give them to the Developer to use in the Lambda function.

• Create an identity and access management (IAM) user, and create access and secret keys for the user. Give the user the necessary permissions to access the DynamoDB table. Have the Developer use these keys to access the resources.

• Create an identity and access management (IAM) role allowing access from AWS Lambda and assign the role to the DynamoDB table.

https://aws.amazon.com/blogs/security/how-to-create-an-aws-iam-policy-to-grant-aws-lambda-access-to-an-amazon-dynamodb-table/