2 Comments
This post doesn't answer the question of why having a Lambda public is a security vulnerability. If I host the exact same code in an EC2 instance or an ECS cluster with no authentication, Config does not raise a Security Hub finding. What is uniquely vulnerable about putting code in a Lambda that makes it a CRITICAL Security Hub finding if it is accessible to the public?
replied 4 months ago
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
Relevant content
- Accepted Answerasked a year ago
- asked 2 years ago
- Accepted Answerasked 7 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago