Question #1328
What is a customer responsibility under the AWS shared responsibility model when using AWS Lambda?
Maintenance of the Lambda service's availability across regions.
Configuration of the Lambda function's execution role permissions.
Patching the runtime environment used by Lambda functions.
Physical security of the servers running Lambda functions.
Explanation
Under the AWS shared responsibility model, AWS manages the security of the cloud (e.g., physical infrastructure, runtime patches, and service availability), while customers handle security in the cloud. For AWS Lambda:
- B (Correct): Customers must configure execution role permissions to control what the Lambda function can access, as this is part of identity and access management (IAM).
- A (Incorrect): AWS ensures Lambda's availability across regions; this is part of their infrastructure responsibility.
- C (Incorrect): AWS patches the runtime environment; customers only provide code.
- D (Incorrect): Physical security of servers is managed by AWS.
Key Point: Customers are always responsible for configuring access controls and permissions for their resources, even in serverless services like Lambda.
Answer
The correct answer is: B