aws lambda func url not in use#1970
Open
muzzamilinovaqo wants to merge 12 commits intoaquasecurity:masterfrom
Open
aws lambda func url not in use#1970muzzamilinovaqo wants to merge 12 commits intoaquasecurity:masterfrom
muzzamilinovaqo wants to merge 12 commits intoaquasecurity:masterfrom
Conversation
fatima99s
suggested changes
Mar 28, 2024
Co-authored-by: Fatima <66124862+fatima99s@users.noreply.github.com>
Co-authored-by: Fatima <66124862+fatima99s@users.noreply.github.com>
Co-authored-by: Fatima <66124862+fatima99s@users.noreply.github.com>
fatima99s
suggested changes
Apr 17, 2024
Co-authored-by: Fatima <66124862+fatima99s@users.noreply.github.com>
Co-authored-by: Fatima <66124862+fatima99s@users.noreply.github.com>
Co-authored-by: Fatima <66124862+fatima99s@users.noreply.github.com>
Co-authored-by: Fatima <66124862+fatima99s@users.noreply.github.com>
Co-authored-by: Fatima <66124862+fatima99s@users.noreply.github.com>
alphadev4
reviewed
Apr 18, 2024
|
|
||
| if (!urlConfigs || urlConfigs.err || !urlConfigs.data) { | ||
| helpers.addResult(results, 3, | ||
| `Unable to query for Lambda function URL configs: ${helpers.addError(urlConfigs)}`, region, resource); |
Collaborator
There was a problem hiding this comment.
Suggested change
| `Unable to query for Lambda function URL configs: ${helpers.addError(urlConfigs)}`, region, resource); | |
| `Unable to query for Lambda function url configs: ${helpers.addError(urlConfigs)}`, region, resource); |
alphadev4
reviewed
Apr 21, 2024
| title: 'Lambda Function URL Not In Use', | ||
| category: 'Lambda', | ||
| domain: 'Serverless', | ||
| severity: 'Medium', |
Collaborator
There was a problem hiding this comment.
Suggested change
| severity: 'Medium', | |
| severity: 'Low', |
alphadev4
reviewed
Apr 21, 2024
| domain: 'Serverless', | ||
| severity: 'Medium', | ||
| description: 'Ensure that AWS Lambda functions are not configured with function URLs for HTTP(S) endpoints.', | ||
| more_info: 'A function URL is a dedicated HTTP(S) endpoint created for your Amazon Lambda function. You can use a function URL to invoke your Lambda function. But it can lead to some security risks depending on the security configuration and intention of the function.', |
Collaborator
There was a problem hiding this comment.
Suggested change
| more_info: 'A function URL is a dedicated HTTP(S) endpoint created for your Amazon Lambda function. You can use a function URL to invoke your Lambda function. But it can lead to some security risks depending on the security configuration and intention of the function.', | |
| more_info: 'Using function URL creates a direct HTTP(S) endpoint to function allowing public, and unauthenticated access to your function URL posing a security threat and public exposure to application. |
alphadev4
reviewed
Apr 21, 2024
|
|
||
| if (urlConfigs.data.FunctionUrlConfigs && | ||
| urlConfigs.data.FunctionUrlConfigs.length){ | ||
| helpers.addResult(results, 2, 'Lambda function Url is configured', region, resource); |
Collaborator
There was a problem hiding this comment.
Suggested change
| helpers.addResult(results, 2, 'Lambda function Url is configured', region, resource); | |
| helpers.addResult(results, 2, 'Lambda function url is configured', region, resource); |
alphadev4
reviewed
Apr 21, 2024
| urlConfigs.data.FunctionUrlConfigs.length){ | ||
| helpers.addResult(results, 2, 'Lambda function Url is configured', region, resource); | ||
| } else { | ||
| helpers.addResult(results, 0, 'Lambda function Url is not configured', region, resource); |
Collaborator
There was a problem hiding this comment.
Suggested change
| helpers.addResult(results, 0, 'Lambda function Url is not configured', region, resource); | |
| helpers.addResult(results, 0, 'Lambda function url is not configured', region, resource); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.