Rule: Lambda Functions Concurrent Execution Limit Configured
This rule ensures the configured concurrent execution limit for Lambda functions is in compliance.
| Rule | Lambda functions concurrent execution limit configured |
| Framework | Federal Financial Institutions Examination Council (FFIEC) |
| Severity | ✔ Low |
Rule Description
The concurrency limit for Lambda functions is a configured setting that restricts the number of function invocations that can be executed simultaneously. The Federal Financial Institutions Examination Council (FFIEC) requires a specific concurrent execution limit to be set for Lambda functions operating within their environment.
Troubleshooting Steps
If there are any issues or concerns related to the configured concurrent execution limit for Lambda functions in the FFIEC environment, follow these troubleshooting steps:
- 1.
Verify the Current Limit: First, check the current setting for the concurrency limit of Lambda functions in the FFIEC environment. This can be done by accessing the Lambda management console or using the AWS CLI (Command Line Interface) with proper authentication.
CLI Command:
aws lambda get-account-settings - 2.
Compare with FFIEC Requirement: Compare the current concurrency limit with the specific requirement stated by the FFIEC. Ensure the current limit meets or exceeds the FFIEC guideline.
- 3.
Modify Concurrency Limit (If Required): If the current concurrency limit needs to be changed to comply with the FFIEC requirement, follow these steps:
a. Access the Lambda management console or use the AWS CLI with proper authentication.
b. Update the concurrency limit using one of the following methods:
- For a specific Lambda function: Edit the function's configuration settings and adjust the concurrency limit accordingly.
- For all Lambda functions in the account: Modify the account-level concurrency limit in the AWS Lambda service settings.
c. Save the changes to apply the new concurrency limit.
Code Example
If there is a need to modify the concurrency limit for Lambda functions, use the following code examples as reference:
To update the concurrency limit for a specific Lambda function using AWS CLI:
aws lambda put-function-concurrency --function-name <function-name> --reserved-concurrent-executions <concurrency-limit>Replace
with the actual name of the Lambda function and<function-name>
with the desired value for the concurrency limit.<concurrency-limit>To update the account-level concurrency limit using AWS CLI:
aws lambda put-account-settings --account-limit <concurrent-execution-limit>Replace
with the desired value for the account-level concurrency limit.<concurrent-execution-limit>
Remediation Steps
To ensure compliance with the FFIEC requirement for the configured concurrent execution limit for Lambda functions, follow these step-by-step remediation instructions:
- 1.
Access the AWS Management Console or use the AWS CLI with proper authentication to login to the AWS account associated with the FFIEC environment.
- 2.
Navigate to the AWS Lambda service.
- 3.
Identify the Lambda function(s) that need their concurrency limit to be adjusted based on the FFIEC requirement.
- 4.
If adjustment is required for a specific Lambda function:
a. Select the Lambda function.
b. Click on the "Configuration" tab.
c. Locate the "Concurrency" section.
d. Update the "Reserved Concurrent Executions" field with the desired concurrency limit according to the FFIEC guidelines.
e. Save the configuration changes.
- 5.
If adjustment is required for all Lambda functions in the account:
a. Click on the "Account Settings" tab in the Lambda service.
b. Find the "Concurrency" section.
c. Modify the "Account-Wide Concurrent Execution Limit" field with the desired concurrency limit as per the FFIEC guidelines.
d. Save the changes to update the account-level concurrency limit.
- 6.
Verify that the concurrency limit has been successfully adjusted by checking the updated settings either through the AWS Management Console or by using the AWS CLI command mentioned earlier.
- 7.
Monitor and test the Lambda functions to ensure they operate within the adjusted concurrency limit and function as expected.
By following these steps, the concurrency limit for Lambda functions in the FFIEC environment can be properly configured and remediated as per the required specifications.