🔥 3-day streak
AWS Certified Solutions Architect - Associate73 / 150
Question 73 of 150
A financial services company wants to let its development team create their own IAM roles for Lambda functions without opening a ticket each time. Security requires that any role the developers create can never grant more than read/write access to a specific set of DynamoDB tables and S3 buckets, even if the developers attach broader policies. Which approach meets these requirements with the least ongoing administrative effort?
Reviewed for accuracy · Report an issueNext question →