Which combination of permissions should the developer use to resolve this error?
(Choose two.)
Cross-account IAM role
Permission for the Lambda function to list buckets in Amazon S3
Permission for the Lambda function to write in DynamoDB
Permission for Amazon S3 to invoke the Lambda function
Permission for DynamoDB to invoke the Lambda function
Explanations:
A cross-account IAM role is not necessary in this scenario unless the Lambda function needs to access resources in a different AWS account. Since the function is interacting with S3 and DynamoDB within the same account, this option does not apply.
The Lambda function needs permission to list buckets in Amazon S3. Without this permission, the function cannot retrieve the list of S3 buckets, leading to a permissions error. Therefore, this permission is essential for the function’s operation.
The Lambda function must have permission to write to the DynamoDB table. This permission is required for storing the list of S3 buckets retrieved by the function. Without it, the function will not be able to successfully save the data to DynamoDB, resulting in a permissions error.
Permission for Amazon S3 to invoke the Lambda function is not relevant in this context. The Lambda function is being invoked on a schedule, not by S3. Thus, this permission does not resolve the issue being faced.
Permission for DynamoDB to invoke the Lambda function is also not applicable here. The Lambda function is not being invoked by DynamoDB, so this permission is not necessary for the task of listing S3 buckets and writing to DynamoDB.
As I understand it, the answer is:
Permission for the Lambda function to list buckets in Amazon S3