AWS Certified Developer – Associate — Question 407

A developer created a Lambda function for a web application backend. When testing the Lambda function from the AWS Lambda console, the developer can see that the function is being run, but there is no log data being generated in Amazon CloudWatch Logs, even after several minutes.
What could cause this situation?

Answer options

• A. The Lambda function does not have any explicit log statements for the log data to send it to CloudWatch Logs.
• B. The Lambda function is missing CloudWatch Logs as a source trigger to send log data.
• C. The execution role for the Lambda function is missing permissions to write log data to the CloudWatch Logs.
• D. The Lambda function is missing a target CloudWatch Log group.

Correct answer: C

Explanation

For an AWS Lambda function to successfully write logs to Amazon CloudWatch Logs, its IAM execution role must be granted the appropriate permissions, such as logs:CreateLogGroup, logs:CreateLogStream, and logs:PutLogEvents. Without these permissions, Lambda cannot write the output of its execution. Lambda automatically handles log group creation and captures standard output, meaning explicit triggers, target groups, or specialized logging code are not required for basic log generation.