Lambda functions should have logging enabled

문서 > Datadog 보안 > OOTB Rules > Lambda functions should have logging enabled

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Lambda functions should have proper logging permissions to send logs to CloudWatch Logs for monitoring, debugging, and security auditing purposes.

Remediation

Ensure your Lambda function’s execution role has the necessary CloudWatch Logs permissions by attaching the AWS managed policy AWSLambdaBasicExecutionRole or creating a custom policy with the required actions: logs:CreateLogGroup, logs:CreateLogStream, and logs:PutLogEvents. Refer to Sending Lambda function logs to CloudWatch Logs.