Lambda permission has wildcard principal Affecting Lambda service in AWS


Severity

0.0
medium
0
10
Severity Framework
Snyk CCSS
Rule category
IAM/ Access Control

Is your environment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
Frameworks
AWS-Well-ArchitectedCSA-CCMSOC-2
  • Snyk IDSNYK-CC-00214
  • creditSnyk Research Team

Description

Lambda function policies should not allow global access. Publicly accessible Lambda functions may be runnable by anyone and could drive up your costs, disrupt your services, or leak your data.

How to fix?

In aws_lambda_permission, remove wildcard * from Principal.