I'm running a sensitive AWS Lambda function, which is required to never connect outbound to the Internet. However, the Lambda function uses several third-party open-source libraries, which are not trustworthy (they could potentially leak data). Is there a way to block outbound connections entirely from Lambda?
If the code doesn't need outbound Internet access at all, place the function in a subnet in a VPC.
If the code needs outbound access but it can be limited to trusted servers, place the function in a private subnet having a route to a NAT Gateway, all in an Internet Gateway-enabled VPC. Then whitelist trusted server IPs in the security group associated with the Lambda.
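Both setups from the answer above, as an added Terraform example (not code from the original post): the function is pinned to a private subnet with no Internet route and to a security group that declares no egress rules, with a second security group showing the trusted-IP variant. The IAM role, function name, deployment package and the address 203.0.113.10 are placeholders.

```hcl
# Added example, not from the original answer: Terraform (AWS provider) that
# pins a Lambda into a private subnet and a security group with NO egress
# rules, so the function cannot open any outbound connection.

resource "aws_vpc" "sensitive" {
  cidr_block = "10.0.0.0/16"
}

# A new VPC's main route table carries only the local route: no Internet
# Gateway and no NAT Gateway route, so the subnet has no path to the Internet.
resource "aws_subnet" "private" {
  vpc_id     = aws_vpc.sensitive.id
  cidr_block = "10.0.1.0/24"
}

# AWS adds an "allow all" egress rule to every new security group; Terraform
# removes that default when the resource declares no egress blocks, which is
# what keeps outbound traffic blocked even if an Internet route is added later.
resource "aws_security_group" "lambda_no_egress" {
  name   = "lambda-no-egress"
  vpc_id = aws_vpc.sensitive.id
  # No ingress or egress blocks on purpose.
}

# Variant for the "trusted servers only" case: allow HTTPS to listed IPs
# (203.0.113.10 is a placeholder); the subnet would also need a NAT route.
resource "aws_security_group" "lambda_trusted_egress" {
  name   = "lambda-trusted-egress"
  vpc_id = aws_vpc.sensitive.id

  egress {
    protocol    = "tcp"
    from_port   = 443
    to_port     = 443
    cidr_blocks = ["203.0.113.10/32"]
  }
}

resource "aws_lambda_function" "sensitive" {
  function_name = "sensitive-function"     # placeholder
  role          = aws_iam_role.lambda.arn  # assumed to exist, with VPC access permissions
  handler       = "index.handler"
  runtime       = "python3.12"
  filename      = "function.zip"           # placeholder deployment package

  vpc_config {
    subnet_ids         = [aws_subnet.private.id]
    security_group_ids = [aws_security_group.lambda_no_egress.id]
  }
}
```

Swap `lambda_no_egress` for `lambda_trusted_egress` (and add the NAT route) for the second setup; with the no-egress group the function also loses access to AWS APIs unless VPC endpoints are added, which is the behaviour the question asks for.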