Lambda function should not be accessible over the public internet

Description

Identify instances where a Lambda function can be invoked by anyone, either directly or through a Lambda function URL. Allowing unrestricted access to your Amazon Lambda functions poses significant risks.

Note: Allowing anonymous users to invoke Lambda functions can lead to data loss, exposure, and unexpected AWS billing charges.

Remediation

To learn how to update your AWS Lambda function permissions, refer to the AWS Documentation on resource-based policies for Lambda.