Topic 1 Question 105
A data engineer creates an AWS Lambda function that an Amazon EventBridge event will invoke. When the data engineer tries to invoke the Lambda function by using an EventBridge event, an AccessDeniedException message appears.
How should the data engineer resolve the exception?
Ensure that the trust policy of the Lambda function execution role allows EventBridge to assume the execution role.
Ensure that both the IAM role that EventBridge uses and the Lambda function's resource-based policy have the necessary permissions.
Ensure that the subnet where the Lambda function is deployed is configured to be a private subnet.
Ensure that EventBridge schemas are valid and that the event mapping configuration is correct.
ユーザの投票
コメント(6)
- 正解だと思う選択肢: B
The lambda resource based policy must allow the events principle to invoke the lambda function. https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-run-lambda-schedule.html#eb-schedule-create-rule and https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-run-lambda-schedule.html#eb-schedule-create-rule Amazon SQS, Amazon SNS, Lambda, CloudWatch Logs, and EventBridge bus targets do not use roles, and permissions to EventBridge must be granted via a resource policy.
👍 5artworkad2024/06/17 - 正解だと思う選択肢: B
IAM Role for EventBridge: EventBridge needs permission to invoke the Lambda function. Lambda Resource-Based Policy: The Lambda function must have a resource-based policy that allows EventBridge to invoke it.
👍 3tgv2024/06/15 - 正解だと思う選択肢: B
"B" is corect because the only way to resolve the AccessDeniedException message is to make sure both the IAM role for EventBridge and the Lambda function's resource-based policy have the necessary permissions.
👍 3rpwags2024/06/22
シャッフルモード