my-function
Region: us-west-2
Overview
Critical
0High
0Medium
2Low
0Informational
0Security issues (2)
Severity | Non-Compliance | Issue | Remediation | Read more | Action |
---|---|---|---|---|---|
Medium | — | Lambda function encrypts the environment variables at rest with an encryption key "aws/lambda", which is not a recommended KMS customer-managed key, but an AWS default key. | Make sure the environment variables are protected with a KMS customer-managed key. If you store sensitive data in the environment variables, use AWS Secrets Manager instead. | More info | |
Medium | — | Lambda function has no access to VPC-only resources. | Configuring your Lambda function to access resources in a VPC. | More info |