You developed a Lambda function which access a table in DynamoDB, which policy to use for this access to happen?

IAM execution policy

Explanation

 

• Resource-Based Policy:
  This policy is attached directly to the Lambda function and grants permissions to specific AWS services (like S3) to invoke the function. This is the appropriate policy type for this use case because it explicitly allows S3 to trigger the Lambda function.

• IAM Execution Role:
  The IAM execution role is used to grant permissions to the Lambda function itself to access other AWS services (like S3, DynamoDB, etc.) while it is running. However, this role does not control whether S3 can invoke the Lambda function.