Lambda permission has wildcard principal Affecting Lambda service in AWS

Snyk CCSS

IAM / Access Control

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

AWS-Well-Architected CSA-CCM SOC-2

Snyk ID SNYK-CC-00214
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Lambda function policies should not allow global access. Publicly accessible Lambda functions may be runnable by anyone and could drive up your costs, disrupt your services, or leak your data.

How to fix?

In aws_lambda_permission, remove wildcard * from Principal.

Lambda permission has wildcard principal Affecting Lambda service in AWS

Severity

Description

How to fix?