Skip to main content

Remediation

Remove Public Permissions from the Function

From Command Line

Retrieve the resource-based policy and note the statement ID (Sid) that grants public access:
```
aws lambda get-policy \
    --function-name {{function-name}} \
    --output text
```

Remove the permission statement that grants access to all principals:

aws lambda remove-permission \
    --function-name {{function-name}} \
    --statement-id {{sid}}

Remove Public Permissions from the Function
- From Command Line