Ensure Lambda functions only allow cross account access to accounts in your organization

Ensure that your Lambda functions are not exposed to accounts outside your organization by validating their access policy. This helps protect each function against unauthorized users sending requests to invoke it. For this reason, restricting access is considered a security best practice, and any public access should be removed. Having this in place will help you with PCI-DSS and GDPR compliance.

Audit & Remediation

  • Select the function under Function name in order to gain access to the individual function.
  • Select the Permissions tab, then scroll down to the Resource-based policy section.
  • If no policy is found, then your function is not allowing cross-account access.
  • If you currently do have a policy set, check the Principal element value inside the Lambda function policy box. If a value is currently set, validate that the account number listed there is part of your organization and is a trusted account.
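The same Principal check can be scripted against a policy document exported from the Resource-based policy section. The following is an added example, not code from this page or its vendor; the account IDs, the organization ID `o-exampleorgid`, and the sample policy are constructed placeholders. It goes slightly beyond the console steps by also accepting statements restricted with the `aws:PrincipalOrgID` condition key.

```python
import json
import re

# Assumed values for illustration: replace with your organization's accounts and ID.
ORG_ACCOUNTS = {"111111111111", "222222222222"}
ORG_ID = "o-exampleorgid"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _account_of(principal):
    """Extract the 12-digit account ID from an IAM/STS ARN or a bare account ID."""
    m = re.fullmatch(r"(?:arn:aws[\w-]*:(?:iam|sts)::)?(\d{12})(?::.*)?", principal)
    return m.group(1) if m else None

def _org_scoped(stmt):
    """True when a StringEquals condition pins aws:PrincipalOrgID to our organization."""
    keys = stmt.get("Condition", {}).get("StringEquals", {})
    return any(k.lower() == "aws:principalorgid" and _as_list(v) == [ORG_ID] for k, v in keys.items())

def audit_policy(policy_json):
    """Return (sid, principal, reason) for each Allow grant outside the organization."""
    findings = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or _org_scoped(stmt):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            principal = {"AWS": "*"}
        # Only account (AWS) principals are checked; service principals are out of scope here.
        for value in _as_list(principal.get("AWS", [])):
            if value == "*":
                findings.append((stmt.get("Sid"), value, "public"))
            elif _account_of(value) not in ORG_ACCOUNTS:
                findings.append((stmt.get("Sid"), value, "not a known organization account"))
    return findings

def _stmt(sid, principal, condition=None):
    s = {"Sid": sid, "Effect": "Allow", "Principal": principal,
         "Action": "lambda:InvokeFunction", "Resource": "*"}
    return {**s, "Condition": condition} if condition else s

# Constructed sample policy, not taken from a real function.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    _stmt("trusted", {"AWS": "arn:aws:iam::111111111111:root"}),
    _stmt("unknown", {"AWS": ["222222222222", "999999999999"]}),
    _stmt("public", "*"),
    _stmt("org-wide", "*", {"StringEquals": {"aws:PrincipalOrgID": ORG_ID}}),
]})
```

Calling `audit_policy(SAMPLE_POLICY)` flags the unknown account and the unconditioned wildcard, and passes the trusted account and the organization-scoped statement.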

 

 
