AWS Certified SysOps Administrator – Associate — Question 366

A development team created and deployed a new AWS Lambda function 15 minutes ago. Although the function was invoked many times, Amazon CloudWatch Logs are not showing any log messages.

What is one cause of this?

Answer options

• A. The developers did not enable log messages for this Lambda function.
• B. The Lambda function's role does not include permissions to create CloudWatch Logs items.
• C. The Lambda function raises an exception before the first log statement has been reached.
• D. The Lambda functions creates local log files that have to be shipped to CloudWatch Logs first before becoming visible.

Correct answer: B

Explanation

For an AWS Lambda function to write logs to Amazon CloudWatch Logs, its execution IAM role must explicitly have permissions to create log groups, create log streams, and upload log events. Without these permissions, no log streams will be created in CloudWatch even if the function is invoked successfully. Other options are incorrect because Lambda integrates with CloudWatch automatically and does not write to a local file system that requires manual log shipping.