AWS Certified Developer Associate DVA-C02 Practice Question
A developer is configuring a Lambda function to access resources in a separate AWS account. To follow best security practices, the developer needs to grant the Lambda function the necessary permissions. What should the developer use to accomplish this?
Attach an inline policy to the Lambda function's execution role granting access to the target account resources.
Store the target account user's credentials in Lambda environment variables and use them to access resources.
Use the Lambda function's own execution role directly to access resources in the target account without assuming any roles.
Create an IAM role in the target account that the Lambda function can assume, with the necessary permissions attached.