Topic 1 Question 59
A security engineer logs in to the AWS Lambda console with administrator permissions. The security engineer is trying to view logs in Amazon CloudWatch for a Lambda function that is named myFunction. When the security engineer chooses the option in the Lambda console to view logs in CloudWatch, an "error loading Log Streams" message appears. The IAM policy for the Lambda function's execution role contains the following:
How should the security engineer correct the error?Move the logs:CreateLogGroup action to the second Allow statement.
Add the logs:PutDestination action to the second Allow statement.
Add the logs:GetLogEvents action to the second Allow statement.
Add the logs:CreateLogStream action to the second Allow statement.
ユーザの投票
コメント(13)
- 正解だと思う選択肢: D👍 6100fold2023/10/18
Correct Answer is D
👍 3kk20002023/10/07- 正解だと思う選択肢: D
Action "logs:GetLogEvents" gets log events from log stream (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html), but there no log stream on first place!
Correct answer is allowing the function to create log stream (through logs:CreateLogStream).
D.
👍 3Raphaello2024/02/20
シャッフルモード