# AWS-Certified-Developer---Associate-DVA-C02 — Question 426

**Type:** multiple_choice
**Topics:** topic_1

## Question

A company uses AWS Lambda functions and an Amazon S3 trigger to process images into an S3 bucket. A development team set up multiple environments in a single AWS account.

After a recent production deployment, the development team observed that the development S3 buckets invoked the production environment Lambda functions. These invocations caused unwanted execution of development S3 files by using production Lambda functions. The development team must prevent these invocations. The team must follow security best practices.

Which solution will meet these requirements?

## Correct Answer

_See scenario._

## Explanation

Selected Answer: C
B is a wrong answer because I do not understand the need to move the environments to separate AWS accounts. The resource policy in the production environment can be used to control which S3 bucket invokes the function. 

In my understanding, the answer choice C fulfills the security best practices requirement in the question.

**Reference:** examtopics_top_comment

---
Source: https://hiexam.net/q/amazon/AWS-Certified-Developer---Associate-DVA-C02/426  
Practice (tracked): https://hiexam.net/study/AWS-Certified-Developer---Associate-DVA-C02/practice