Q4 — AWS DVA-C02 Ch.1

Question 4 of 100 | ← Chapter 1

A developer is working on an AWS Lambda function that accesses Amazon DynamoDB. The Lambda function must retrieve an item, update certain attributes, or create the item if it does not exist. The Lambda function has access to the primary key. Which IAM permissions should the developer grant to the Lambda function to achieve this functionality?

Correct Answer: D. dynamodb:UpdateItem dynamodb:GetItem dynamodb:PutItem

Explanation

To retrieve an item, update specific attributes, or create it if absent, the following permissions are required: 'dynamodb:GetItem' retrieves the item; 'dynamodb:UpdateItem' modifies specific attributes; 'dynamodb:PutItem' creates the item when it does not exist. Option A includes unnecessary 'dynamodb:DeleteItem'; Option B includes irrelevant 'dynamodb:DescribeTable'; Option C includes incorrect 'dynamodb:GetRecords' and unnecessary 'dynamodb:UpdateTable'. Therefore, Option D is correct.