AWS Lambda
Overview
Critical
0High
0Medium
9Low
0Informational
0Security issues (9)
Severity | Non-Compliance | Region | Resource | Issue | Remediation | Read more | Action |
---|---|---|---|---|---|---|---|
Medium | — | us-east-1 | test-collector | Lambda function encrypts the environment variables at rest with an encryption key "aws/lambda", which is not a recommended KMS customer-managed key, but an AWS default key. | Make sure the environment variables are protected with a KMS customer-managed key. If you store sensitive data in the environment variables, use AWS Secrets Manager instead. | More info | |
Medium | — | us-east-1 | test-collector | Lambda function has no access to VPC-only resources. | Configuring your Lambda function to access resources in a VPC. | More info | |
Medium | — | us-east-1 | test-scanner | Lambda function encrypts the environment variables at rest with an encryption key "aws/lambda", which is not a recommended KMS customer-managed key, but an AWS default key. | Make sure the environment variables are protected with a KMS customer-managed key. If you store sensitive data in the environment variables, use AWS Secrets Manager instead. | More info | |
Medium | — | us-east-1 | test-db-responder | Lambda function encrypts the environment variables at rest with an encryption key "aws/lambda", which is not a recommended KMS customer-managed key, but an AWS default key. | Make sure the environment variables are protected with a KMS customer-managed key. If you store sensitive data in the environment variables, use AWS Secrets Manager instead. | More info | |
Medium | — | us-east-1 | test-db-responder | Lambda function has no access to VPC-only resources. | Configuring your Lambda function to access resources in a VPC. | More info | |
Medium | — | us-east-1 | test-scheduler | Lambda function encrypts the environment variables at rest with an encryption key "aws/lambda", which is not a recommended KMS customer-managed key, but an AWS default key. | Make sure the environment variables are protected with a KMS customer-managed key. If you store sensitive data in the environment variables, use AWS Secrets Manager instead. | More info | |
Medium | — | us-east-1 | test-scheduler | Lambda function has no access to VPC-only resources. | Configuring your Lambda function to access resources in a VPC. | More info | |
Medium | — | us-west-2 | my-function | Lambda function encrypts the environment variables at rest with an encryption key "aws/lambda", which is not a recommended KMS customer-managed key, but an AWS default key. | Make sure the environment variables are protected with a KMS customer-managed key. If you store sensitive data in the environment variables, use AWS Secrets Manager instead. | More info | |
Medium | — | us-west-2 | my-function | Lambda function has no access to VPC-only resources. | Configuring your Lambda function to access resources in a VPC. | More info |
Functions (5)
Region | Function name | Description | Package type | Runtime | Code Size | Last modified | Security issues |
---|---|---|---|---|---|---|---|
us-east-1 | test-collector | — | Image | — | — | 2 Medium (details) | |
us-east-1 | test-scanner | — | Zip | python3.8 | 7.27 KB | 1 Medium (details) | |
us-east-1 | test-db-responder | — | Zip | python3.8 | 1.04 KB | 2 Medium (details) | |
us-east-1 | test-scheduler | — | Zip | python3.8 | 860.0 bytes | 2 Medium (details) | |
us-west-2 | my-function | — | Zip | nodejs14.x | 304.0 bytes | 2 Medium (details) |