A company is using AWS Key Management Service (AWS KMS) keys to encrypt AWS Lambda environment variables. A solutions architect needs to ensure that the required permissions are in place to decrypt and use the environment variables. Which steps must the solutions architect take to implement the correct permissions? (Choose two.)
AAdd AWS KMS permissions in the Lambda resource policy.
BAdd AWS KMS permissions in the Lambda execution role.
CAdd AWS KMS permissions in the Lambda function policy.
DAllow the Lambda execution role in the AWS KMS key policy.
EAllow the Lambda resource policy in the AWS KMS key policy.