A company has hundreds of AWS Lambda functions that the company's QA team needs to test b…

Question

A company has hundreds of AWS Lambda functions that the company's QA team needs to test by using the Lambda function URLs. A developer needs to configure the authentication of the Lambda functions to allow access so that the QA IAM group can invoke the Lambda functions by using the public URLs. Which solution will meet these requirements?

Accepted Answer

Correct answer: A. A. Create a CLI script that loops on the Lambda functions to add a Lambda function URL with the AWS_IAM auth type. Run another script to create an IAM identity-based policy that allows the lambda:InvokeFunctionUrl action to all the Lambda function Amazon Resource Names (ARNs). Attach the policy to the QA IAM group. — Option A is correct because it utilizes AWS_IAM as the authentication type, which is necessary for IAM users to invoke the Lambda functions securely. Options B and D use the NONE authentication type, which does not provide the needed security for the QA IAM group. Option C incorrectly suggests creating an IAM policy that only allows the QA IAM group's ARN instead of allowing access to all Lambda function ARNs.

AWS Certified Developer – Associate (DVA-C02) — Question 90

Answer options

Correct answer: A

Explanation