-
New Lambda execution role for AWS X-Ray
updated 3 years, 6 months ago
2 Members
·
2
Posts
-
Hello,
For the question:
A developer is planning to use the AWS Elastic Beanstalk console to run the AWS X-Ray daemon on the EC2 instances in her application environment. She will use X-Ray to construct a service map to help identify issues with her application and to provide insight on which application component to optimize. The environment is using a default Elastic Beanstalk instance profile.
Which IAM managed policy does Elastic Beanstalk use for the X-Ray daemon to upload data to X-Ray?
The available options as well as the answer is incorrect. The answer provided is – “AWSXrayWriteOnlyAccess”.
Looks like recently, the role “AWSXrayWriteOnlyAccess” was deprecated. The new role to be used is “AWSXRayDaemonWriteAccess”.
https://github.com/aws/serverless-application-model/issues/1401
https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html -
Hello anmol-dash,
Thank you for submitting this feedback.
The AWSXrayWriteOnlyAccess policy is actually still valid since you can still see it in the IAM Console (Refer to the image below). Based on this AWS Documentation: To upload data to X-Ray, the X-Ray daemon requires IAM permissions in the AWSXrayWriteOnlyAccess managed policy.
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environment-configuration-debugging.html
I have raised a pull-request to AWS to confirm if the AWSXrayWriteOnlyAccess is deprecated.
Our team will review this question, and the change will be reflected in our practice tests soon. I appreciate that you also gave a suggestion on how we can replace the option. It will definitely help us improve our content!
Let us know if you need further assistance. The Tutorials Dojo team is dedicated to helping you pass your AWS exam on your first try!
Regards,
Gerome @ Tutorials Dojo
Log in to reply.