A SysOps Administrator is writing a utility that publishes resources from an AWS Lambda function in AWS Account A to an Amazon S3 bucket in AWS Account B. The Lambda function is able to successfully write new objects to the S3 bucket, but IAM users in Account B are unable to delete objects written to the bucket by Account A. Which step will fix this issue?
A) Add s3:DeleteObject permission to the IAM execution role of the AWS Lambda function in Account A. Add s3:DeleteObject permission to the IAM execution role of the AWS Lambda function in Account A.
B) Change the bucket policy of the S3 bucket in Account B to allow s3:DeleteObject permission for Account A. Change the bucket policy of the S3 bucket in Account B to allow permission for Account A.
C) Disable server-side encryption for objects written to the S3 bucket by the Lambda function.
D) Call the S3:PutObjectAcl API operation from the Lambda function in Account A to specify bucket owner, full control. Call the S3:PutObjectAcl API operation from the Lambda function in Account A to specify bucket owner, full control.
Correct Answer:
Verified
Q841: An application resides on multiple EC2 instances
Q842: True or False: Amazon Route 53 provides
Q843: An organization with a large IT department
Q844: Which of the following services can receive
Q845: A SysOps Administrator must devise a strategy
Q847: An organization has developed a new memory-intensive
Q848: A user is trying to create a
Q849: A customer enquires about whether all his
Q850: A SysOps Administrator is creating an Amazon
Q851: An instance has enabled basic monitoring only
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents