Lambda Function Without Tags

  • Query id: 265d9725-2fb8-42a2-bc57-3279c5db82d5
  • Query name: Lambda Function Without Tags
  • Platform: Ansible
  • Severity: Medium
  • Category: Insecure Configurations
  • URL: Github

Description

AWS Lambda Functions must have associated tags.

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
- name: add tags
  community.aws.lambda:
    name: 'Lambda function'
    state: present
    zip_file: 'code.zip'
    runtime: 'python2.7'
    role: 'arn:aws:iam::987654321012:role/lambda_basic_execution'
    handler: 'hello_python.my_handler'

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
- name: add tags
  community.aws.lambda:
    name: 'Lambda function'
    state: present
    zip_file: 'code.zip'
    runtime: 'python2.7'
    role: 'arn:aws:iam::987654321012:role/lambda_basic_execution'
    handler: 'hello_python.my_handler'
    tags:
      key1: 'value1'
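
The rule described above, as an added Ruby example; it is not the query's own implementation. It flags Lambda tasks that lack a literal, non-empty `tags` mapping, including tasks nested under `block`. The module spellings other than `community.aws.lambda`, the decision to skip `state: absent`, and the sample playbook are assumptions made for this example.

```ruby
require "yaml"

# Only community.aws.lambda appears on the page; the other two spellings
# are assumptions added for this example.
LAMBDA_MODULES = %w[community.aws.lambda amazon.aws.lambda lambda].freeze
NESTED_KEYS = %w[tasks pre_tasks post_tasks handlers block rescue always].freeze

# Yield every mapping in a parsed playbook or task file, descending into nested task lists.
def each_task(node, &blk)
  case node
  when Array then node.each { |item| each_task(item, &blk) }
  when Hash
    blk.call(node)
    NESTED_KEYS.each { |key| each_task(node[key], &blk) }
  end
end

# Return "task name: function name" for each Lambda task that creates or
# updates a function without a literal, non-empty `tags` mapping.
def untagged_lambda_tasks(yaml_text)
  findings = []
  each_task(YAML.safe_load(yaml_text)) do |task|
    mod = LAMBDA_MODULES.find { |m| task[m].is_a?(Hash) }
    next unless mod
    args = task[mod]
    next if args["state"] == "absent" # assumption: deletions need no tags
    tags = args["tags"]
    next if tags.is_a?(Hash) && !tags.empty?
    findings << "#{task['name']}: #{args['name']}"
  end
  findings
end

# Constructed sample tasks (not from the page).
SAMPLE = <<~YAML
  - name: untagged function
    community.aws.lambda: {name: fn-a, state: present}
  - name: tagged function
    community.aws.lambda: {name: fn-b, tags: {key1: value1}}
  - block:
      - name: empty tags inside a block
        community.aws.lambda: {name: fn-c, tags: {}}
  - name: remove function
    community.aws.lambda: {name: fn-d, state: absent}
YAML

puts untagged_lambda_tasks(SAMPLE)
```

Templated `tags` values (for example a Jinja expression) are reported as missing here, because the check only accepts a literal mapping.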