A SysOps Administrator is writing an AWS Lambda function in AWS Account A to put objects in an Amazon S3 bucket in AWS Account B. The Lambda function is able to successfully write new objects to the S3 bucket, but IAM users in Account B are unable to delete objects written to the bucket by Account A. Which step will fix this issue?

Topic #: - All AWS-SysOps Questions

A. Add s3:DeleteObject permission to the IAM execution role of the AWS Lambda function in Account A.
B. Change the bucket policy of the S3 bucket in Account B to allow s3:DeleteObject permission for Account A.
C. Disable server-side encryption for objects written to the S3 bucket by the Lambda function.
D. Modify the Lambda function to call the S3:PutObjectAcl API operation to specify bucket owner, full control.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion