A company's developers are using AWS Lambda function URLs to invoke functions directly.

Amazon Web Services SCS-C02 Question Answer

A company's developers are using AWS Lambda function URLs to invoke functions directly. The company must ensure that developers cannot configure or deploy unauthenticated functions in production accounts. The company wants to meet this requirement by using AWS Organizations. The solution must not require additional work for the developers.

Which solution will meet these requirements?

Require the developers to configure all function URLs to support cross-origin resource sharing (CORS) when the functions are called from a different domain.

Use an AWS WAF delegated administrator account to view and block unauthenticated access to function URLs in production accounts, based on the OU of accounts that are using the functions.

Use SCPs to allow all lambda:CreateFunctionUrlConfig and lambda:UpdateFunctionUrlConfig actions that have a lambda:FunctionUrlAuthType condition key value of AWS_IAM.

Use SCPs to deny all lambda:CreateFunctionUrlConfig and lambda:UpdateFunctionUrlConfig actions that have a lambda:FunctionUrlAuthType condition key value of NONE.

Amazon Web Services SCS-C02 View All Questions

Amazon Web Services SCS-C02 Summary

Vendor: Amazon Web Services
Product: SCS-C02
Update on: Aug 2, 2025
Questions: 417

Price: $52.5 ~~$149.99~~

Buy Now SCS-C02 PDF + Testing Engine Pack

A company uses Amazon GuardDuty.

A company usesAWS Organizations to run workloads in multiple AWS accounts Currently the individual team...

Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

A company's developers are using AWS Lambda function URLs to invoke functions directly.

The Answer Is:

Explanation:

Amazon Web Services SCS-C02 Summary

Payments We Accept

Contact Us