Lambda function should not be accessible over the public internet

Docs > Datadog Security > OOTB Rules > Lambda function should not be accessible over the public internet

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

Identify instances where a Lambda function can be invoked by anyone, either directly or through a Lambda function URL. Allowing unrestricted access to your Amazon Lambda functions poses significant risks.

Note: Allowing anonymous users to invoke Lambda functions can lead to data loss, exposure, and unexpected AWS billing charges.

Remediation

To learn how to update your AWS Lambda function permissions, refer to the AWS Documentation on resource-based policies for Lambda.