Lambda Permission Misconfigured
- Query id: 75ec6890-83af-4bf1-9f16-e83726df0bd0
- Query name: Lambda Permission Misconfigured
- Platform: Terraform
- Severity: Low
- Category: Best Practices
- CWE: 710
- URL: Github
Description
A Lambda permission may be misconfigured if its action field is not set to 'lambda:InvokeFunction'.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
resource "aws_lambda_permission" "positive1" {
  action        = "lambda:DeleteFunction"
  function_name = aws_lambda_function.logging.function_name
  principal     = "logs.eu-west-1.amazonaws.com"
  source_arn    = "${aws_cloudwatch_log_group.default.arn}:*"
}
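
The same check applied to the JSON that `terraform show -json` produces for a plan, as an added example (not the query's own code and not part of the original page). It also descends into child modules; the sample plan, including the resources `ok` and `wild` and the module `logging`, is constructed for illustration.

```python
import json

EXPECTED_ACTION = "lambda:InvokeFunction"  # the value the rule on this page requires

def iter_resources(module):
    """Yield every resource in a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def find_misconfigured_permissions(plan):
    """Return (address, action) for each aws_lambda_permission whose action differs."""
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        if res.get("type") != "aws_lambda_permission":
            continue
        # An action that is missing or unknown at plan time is reported as None.
        action = (res.get("values") or {}).get("action")
        if action != EXPECTED_ACTION:
            findings.append((res.get("address"), action))
    return findings

# Constructed sample in the shape of `terraform show -json` output (not real plan data).
SAMPLE_PLAN = json.loads("""
{
  "planned_values": {
    "root_module": {
      "resources": [
        {"address": "aws_lambda_permission.positive1", "type": "aws_lambda_permission",
         "values": {"action": "lambda:DeleteFunction", "principal": "logs.eu-west-1.amazonaws.com"}},
        {"address": "aws_lambda_permission.ok", "type": "aws_lambda_permission",
         "values": {"action": "lambda:InvokeFunction", "principal": "events.amazonaws.com"}}
      ],
      "child_modules": [
        {"address": "module.logging", "resources": [
          {"address": "module.logging.aws_lambda_permission.wild", "type": "aws_lambda_permission",
           "values": {"action": "lambda:*", "principal": "s3.amazonaws.com"}}
        ]}
      ]
    }
  }
}
""")

if __name__ == "__main__":
    for address, action in find_misconfigured_permissions(SAMPLE_PLAN):
        print(f"{address}: action is {action!r}, expected {EXPECTED_ACTION!r}")
```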