Severity: High

Description: This control ensures that Lambda function environment variables are encrypted at rest with a Customer Master Key (CMK). Lambda environment variables can contain sensitive information, such as database connection details, and should be protected when stored.

Remediation Steps:

Perform the following to encrypt the Lambda function's environment variables at rest with a customer master key:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the AWS Lambda console.

  3. In the navigation pane, select Functions.

  4. Select the function to be modified.

  5. Navigate to Environment Variables.

  6. Under AWS KMS key to encrypt at rest, choose Use a customer master key.

  7. Select the KMS key of choice.

  8. Click Save changes to apply.

Important:

Additional charges may apply when using an AWS KMS CMK.
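
To find which functions need the steps above, the following added example (not part of the original page or of any vendor tooling) audits output shaped like `aws lambda list-functions`, relying on the `KMSKeyArn` field being returned only when a customer managed key is configured. The sample functions, account ID and key ARN are constructed placeholders, and treating functions without environment variables as not applicable is an assumption.

```python
import json
import shlex

# Constructed sample shaped like `aws lambda list-functions` output (not real data).
SAMPLE = json.loads("""
{"Functions": [
  {"FunctionName": "orders-api",
   "Environment": {"Variables": {"DB_HOST": "db.example.internal"}},
   "KMSKeyArn": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
  {"FunctionName": "report-job",
   "Environment": {"Variables": {"DB_PASSWORD": "constructed-value"}}},
  {"FunctionName": "healthcheck"}
]}
""")

def audit(functions):
    """Map each function name to COMPLIANT, NON_COMPLIANT or NOT_APPLICABLE."""
    results = {}
    for fn in functions:
        # Environment is absent when no variables are set.
        variables = (fn.get("Environment") or {}).get("Variables") or {}
        if not variables:
            status = "NOT_APPLICABLE"   # assumption: nothing to protect
        elif fn.get("KMSKeyArn"):
            status = "COMPLIANT"        # customer managed key configured
        else:
            status = "NON_COMPLIANT"    # variables present, no customer key
        results[fn["FunctionName"]] = status
    return results

def remediation_commands(functions, kms_key_arn):
    """Build the CLI equivalent of console steps 6-8 for non-compliant functions."""
    statuses = audit(functions)
    return [
        "aws lambda update-function-configuration "
        f"--function-name {shlex.quote(name)} --kms-key-arn {shlex.quote(kms_key_arn)}"
        for name, status in statuses.items() if status == "NON_COMPLIANT"
    ]

if __name__ == "__main__":
    # Report only names and statuses; variable values are never printed.
    for name, status in audit(SAMPLE["Functions"]).items():
        print(f"{status:15} {name}")
    key = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"  # placeholder
    for cmd in remediation_commands(SAMPLE["Functions"], key):
        print(cmd)
```
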

Reference:
