
Rule: Lambda functions should restrict public access

This rule ensures Lambda functions limit public access for security

Rule: Lambda functions should restrict public access
Framework: NIST 800-171 Revision 2
Severity: Critical

Rule Description:

A Lambda function is publicly accessible when its resource-based policy contains an Allow statement whose Principal is "*" (or {"AWS": "*"}) without a condition such as aws:SourceAccount or aws:SourceArn that limits the caller, or when it exposes a function URL with AuthType NONE. The first lets any AWS identity in any account invoke the function through the Lambda API; the second lets anyone on the internet invoke it with an unsigned HTTP request. NIST 800-171 Revision 2 requires that system access be limited to authorized users, processes acting on their behalf, and devices (requirement 3.1.1 in the Access Control family), so this rule flags functions that can be invoked without such a restriction to keep the data they process inside the intended access boundary.

Troubleshooting Steps:

If Lambda functions are found to have unrestricted public access, follow these troubleshooting steps:

  1. Identify affected Lambda functions: list the Lambda functions in each region of your AWS account and note those whose resource-based policy or function URL configuration may allow unrestricted access.
  2. Verify the permissions: review the resource-based policy attached to each identified function statement by statement, and the function URL auth type if a URL is configured.
  3. Check the NIST 800-171 Revision 2 requirements: cross-check the Access Control requirements in NIST 800-171 Revision 2 (3.1.1 in particular) that call for limiting system access to authorized users, processes and devices.
  4. Treat public functions as findings: a function that any principal can invoke is a misconfiguration that must be fixed whether or not it was exploited; by itself it is not proof of a breach.
  5. Investigate possible misuse: check the function's CloudWatch invocation metrics and logs (and CloudTrail data events for Lambda, if enabled) for invocations from unexpected sources to determine whether the exposure was used and what data may have been affected.

Necessary Codes:

  1. AWS CLI command for listing Lambda functions (one region at a time; add --region to cover the others):
aws lambda list-functions
  2. AWS CLI command for retrieving a function's configuration and code location:
aws lambda get-function --function-name <function-name>
    Note that this output does not include the resource-based policy. The policy document is returned by the get-policy subcommand, and the function URL auth type by get-function-url-config.

Remediation Steps:

To remediate the unrestricted public access for Lambda functions, follow these steps:

  1. Update the function's resource-based policy: replace any Allow statement with a wildcard Principal by one that names the specific account, role or AWS service that needs to invoke the function, and for service principals add an aws:SourceArn or aws:SourceAccount condition so that only the intended resource can trigger it.
  2. Remove unnecessary permissions: delete the statements that grant public access (by their statement ID), and for any function URL with AuthType NONE either delete the URL or switch it to AWS_IAM so that requests must be signed.
  3. Implement VPC configurations: attaching the function to a VPC controls the network path of the function's outbound connections (for example to a database in a private subnet) and is useful defense in depth. It does not restrict who can invoke the function, because invocations go through the Lambda API and are governed by IAM and the resource-based policy, so it is not a substitute for steps 1 and 2.
  4. Test and validate access restrictions: after updating the policy, confirm that the legitimate callers (event sources, other accounts, API Gateway) still succeed and that an invocation from an unrelated principal fails with AccessDeniedException.
  5. Monitor and audit: re-run the check on a schedule and alert on AddPermission, CreateFunctionUrlConfig and UpdateFunctionUrlConfig calls in CloudTrail so that new public grants are caught quickly.
  6. Apply the same steps to all affected Lambda functions: repeat the remediation for every function and region with a public finding.

Remember to prioritize the security and compliance requirements defined in NIST 800-171 Revision 2 when implementing the necessary changes to the Lambda functions.
