💼 [Lambda.1] Lambda function policies should prohibit public access

• ID: /frameworks/aws-fsbp-v1.0.0/lambda/01

Stats

not available

Description

The Lambda function should not be publicly accessible, as this may allow unintended access to your function code.

Similar

• AWS Security Hub
  • https://docs.aws.amazon.com/securityhub/latest/userguide/lambda-controls.html#lambda-1
• Internal
  • ID: dec-c-709a753d

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-3 Access Enforcement	15	6	66		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-3(7) Access Enforcement _ Role-based Access Control			36		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4 Information Flow Enforcement	32	76	131		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(21) Information Flow Enforcement _ Physical or Logical Separation of Information Flows		42	68		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6 Least Privilege	10	23	78		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-21 Information Sharing	2		19		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7 Boundary Protection	29	8	98		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(3) Boundary Protection _ Access Points			19		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(4) Boundary Protection _ External Telecommunications Services			49		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			35		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(11) Boundary Protection _ Restrict Incoming Communications Traffic			37		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(16) Boundary Protection _ Prevent Discovery of System Components			37		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(20) Boundary Protection _ Dynamic Isolation and Segregation			20		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(21) Boundary Protection _ Isolation of System Components			37		no data
💼 PCI DSS v3.2.1 → 💼 1.2.1 Restrict inbound and outbound traffic to that which is necessary for the cardholder data environment, and specifically deny all other traffic.		10	67		no data
💼 PCI DSS v3.2.1 → 💼 1.3.1 Implement a DMZ to limit inbound traffic to only system components that provide authorized publicly accessible services, protocols, and ports.		6	30		no data
💼 PCI DSS v3.2.1 → 💼 1.3.2 Limit inbound Internet traffic to IP addresses within the DMZ.			30		no data
💼 PCI DSS v3.2.1 → 💼 1.3.4 Do not allow unauthorized outbound traffic from the cardholder data environment to the Internet.			15		no data
💼 PCI DSS v3.2.1 → 💼 7.2.1 Coverage of all system components.			11		no data
💼 PCI DSS v4.0.1 → 💼 7.2.1 An access control model is defined and includes granting appropriate access.			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Lambda Function allows public access🟢	1	🟠 x1, 🟢 x5	no data