Lambda Security

AWS Lambda security covers the configuration and runtime controls needed to secure serverless functions, including IAM execution role permissions, VPC placement, environment variable encryption, layer security, and function URL authentication. Lambda's ephemeral execution model eliminates many traditional host security concerns but introduces risks including overly permissive IAM roles, insecure dependencies bundled in deployment packages, and injection via event payloads.

Resource-based policies control which services and accounts can invoke Lambda functions.