Menu
I have created a AWS lambda function and uploaded zipped version of .py file from my local machine using "upload Zip file" option.But when the lambda function is invoked the code is visible on the inline editor.I dont want code to be visible on inline editor as it gives a chance to someone to edit the code..
Please suggest!!
876
The code for Lambda functions will always be available to either edit in the inline editor or download (Actions > Download function code).
I'm assuming your concern might be secrets or credentials that might be present in the code, then the issue here isn't that the code is readable or downloadable from the console but that you're not sufficiently protecting them. Take a look at the following question on Stack Overflow which answers this: How to (properly) use external credentials in an AWS Lambda function?
You can still restrict access to Lambda for other IAM users in your AWS account with an access policy statement like this:
{
"Action": "lambda:*",
"Effect": "Deny",
"Resource": "arn:aws:lambda:<region>:<account>:*"
}
Or be more specific if you simply want do deny access to listing and displaying Lambda functions with lambda:GetFunction, lambda:GetFunctionConfiguration.
194
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
