🔥 3-day streak
AWS Certified Security - Specialty10 / 157
Question 10 of 157

A financial services company builds internal Lambda functions and shared libraries used across dozens of AWS accounts. Recent industry incidents involving compromised open-source dependencies have prompted the security team to reduce software supply chain risk. They want to (1) ensure developers pull third-party packages only from an approved, versioned internal repository that proxies public registries, and (2) guarantee that only Lambda code artifacts signed by the organization's build pipeline can be deployed to production functions. Which combination of AWS services best meets these requirements?

Reviewed for accuracy · Report an issueNext question