Securing AWS Lambda

Naresh Waswani
9 min read · Aug 1, 2020

AWS Lambda, the compute service of the serverless ecosystem, is quite powerful, but when not used properly it can lead to undesirable results. The Lambda service is used to achieve scalability, performance and cost efficiency without managing the underlying infrastructure. It can be used, and in fact already is being used, in roughly all use cases (okay… Machine Learning use cases could be an exception here). Some of the scenarios where Lambda is used are:

  1. Exposing APIs via AWS API Gateway and Lambda
  2. Stream processing
  3. Batch job execution
  4. Executing complex workflows using Step Functions and Lambda
  5. And many more…

Securing Lambda is a shared responsibility between AWS and the customer. AWS manages the underlying infrastructure and application platform; as a customer, you are responsible for securing the code, the data and the access management of your Lambda functions.

From AWS Lambda Security Overview White Paper

Let’s look at some of the aspects that can help you secure the workload running inside Lambda:

Follow the Principle of Least Privilege

The Principle of Least Privilege states that a user or role should be given only those permissions that allow them to complete the desired task. Each Lambda function has an AWS Lambda Execution Role attached to it…
