🔥 3-day streak
AWS Certified Developer - Associate96 / 150
Question 96 of 150

A developer deploys a Lambda function that must write items to a single DynamoDB table named OrdersTable and publish notifications to one SNS topic. During code review, a security engineer flags the function's execution role, which currently attaches the AWS managed policy AmazonDynamoDBFullAccess and AmazonSNSFullAccess. The team must follow least-privilege best practices without breaking the function. What should the developer do?

Reviewed for accuracy · Report an issueNext question