nerdexam
Amazon

DVA-C02 · Question #752

A developer is configuring an AWS Lambda function that runs in one AWS account to query an Amazon DynamoDB table that is in a second AWS account. The two accounts are part of an organization in AWS Or

The correct answer is D. Update the Lambda function execution role to allow access to the DynamoDB table. Attach a. The correct and secure cross-account access pattern involves: - Updating the Lambda function's execution role in Account A to allow dynamodb:* actions on the - Attaching a resource-based policy to the DynamoDB table in Account B that explicitly allows access from the execution ro

Submitted by yousef_jo· Mar 5, 2026Security

Question

A developer is configuring an AWS Lambda function that runs in one AWS account to query an Amazon DynamoDB table that is in a second AWS account. The two accounts are part of an organization in AWS Organizations that has all features enabled. Which solution will meet these requirements?

Options

  • AUse a resource-based policy to allow the Lambda function access to the DynamoDB table Attach
  • BCreate a service control policy (SCP) that allows access to the DynamoDB table Apply the SCP
  • CIn the account that contains the DynamoDB table, create a new IAM role. Grant the Lambda
  • DUpdate the Lambda function execution role to allow access to the DynamoDB table. Attach a

How the community answered

(52 responses)
  • A
    23% (12)
  • B
    13% (7)
  • C
    8% (4)
  • D
    56% (29)

Explanation

The correct and secure cross-account access pattern involves: - Updating the Lambda function's execution role in Account A to allow dynamodb:* actions on the - Attaching a resource-based policy to the DynamoDB table in Account B that explicitly allows access from the execution role ARN in Account A.

Community Discussion

No community discussion yet for this question.

Full DVA-C02 Practice