Examtopics

コメント(3)

• 正解だと思う選択肢: D

  Option D: The Lambda function’s execution role does not have the necessary permissions to access the KMS key that can decrypt the S3 object.

  👍 1

  matt2002024/08/14
• 正解だと思う選択肢: D

  Answer is D

  👍 1

  aragon_saa2024/08/14
• 正解だと思う選択肢: D

  The correct answer is D.

  Here is why:

  The Lambda function is configured to access the S3 bucket: The data engineer has already set up the Lambda function's execution role to access the S3 bucket. This means that basic S3 access permissions are likely in place.

  The object is encrypted with a KMS key: This is a crucial detail. When an object in S3 is encrypted with a KMS key, any entity trying to read that object needs two sets of permissions: a. Permission to access the S3 bucket and object b. Permission to use the specific KMS key for decryption

  The error occurs when trying to retrieve the content: This suggests that the Lambda function can likely see the object (as it has S3 access) but fails when trying to read its contents.

  To resolve this issue, the data engineer should grant the Lambda function's execution role the required KMS permissions. Specifically, add the 'kms:Decrypt' permission for the KMS key used to encrypt the S3 object.

  👍 1

  AgboolaKun2024/11/08