Managing Lambda Permissions for Kinesis Data Streams

Answer- B and D.

Option A is incorrect because the change should be in the Lambda execution role.

Option B is CORRECT because the Lambda execution role should be created for the Lambda function with suitable permissions.

Option C is incorrect because there is no AWS managed IAM policy AWSLambdaExecutionRole.

Option D is CORRECT because the AWS managed policy AWSLambdaKinesisExecutionRole has suitable permissions for Lambda functions to manage Kinesis data streams.

For more information on using Kinesis with AWS Lambda, please refer to the below URL.

To ensure that the Lambda functions have suitable permissions to manage resources related to Kinesis data streams, you need to perform the following two steps:

1. Create a Lambda execution role for the Lambda functions: A Lambda execution role defines the permissions that AWS Lambda requires to perform actions on your behalf. It is recommended to create a separate execution role for each Lambda function to ensure that each function has only the necessary permissions to access the resources it needs. This role should include permissions to access the Kinesis data stream.

2. Attach the AWSLambdaKinesisExecutionRole policy to the Lambda execution role: The AWSLambdaKinesisExecutionRole policy is a predefined AWS policy that provides permissions to read and write to Kinesis data streams. You can attach this policy to the Lambda execution role you created to give the Lambda function the necessary permissions to access the Kinesis data stream.

Therefore, options B and D are the correct answers. Option A is incorrect because there is no service role called AWS Kinesis. Option C is incorrect because AWSLambdaExecutionRole only provides basic Lambda execution permissions, but not specific permissions for Kinesis data streams.