AWS - Identity and Access Management
You have a cross-account role that your AWS Lambda function needs to assume. What must you configure in the role's trust policy to allow this?
You have a cross-account role that your AWS Lambda function needs to assume. What must you configure in the role's trust policy to allow this?
hard📝 Application Q9 of 15
Step-by-Step Solution
Solution:
Step 1: Understand trust policy requirements
The trust policy must list the ARN of the entity allowed to assume the role, here the Lambda execution role ARN.Step 2: Eliminate incorrect trust entities
Names, environment variables, or memory size are not valid trusted entities in IAM policies.Final Answer:
Add the Lambda function's execution role ARN as a trusted entity -> Option DQuick Check:
Trust policy needs execution role ARN [OK]
Quick Trick: Trust policy requires execution role ARN, not function name [OK]
Common Mistakes:
MISTAKES- Using function name instead of role ARN
- Confusing environment variables with trust entities
- Adding unrelated properties like memory size
Master "Identity and Access Management" in AWS
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore AWS Quizzes