Which step will fix this issue?

Posted by: Pdfprep Category: SOA-C01 Tags: , ,

A SysOps Administrator is writing a utility that publishes resources from an AWS Lambda function in AWS account A to an Amazon S3 bucket in AWS Account B. The Lambda function is able to successfully write new objects to the S3 bucket, but IAM users in Account B are unable to delete objects written to the bucket by Account A.

Which step will fix this issue?

A. Add s3:Deleteobject permission to the IAM execution role of the AWS Lambda function in Account A.

B. Change the bucket policy of the S3 bucket in Account B to allow s3:Deleteobject permission for Account A.

C. Disable server-side encryption for objects written to the S3 bucket by the Lambda function.

D. Call the S3:PutObjectAcl API operation from the Lambda function in Account A to specify bucket owner, full control.

Answer: A

Leave a Reply

Your email address will not be published.