/
AWS-Lambda-env-variable-in-transit-encrytion-uses-aws-helpers

AWS-Lambda-env-variable-in-transit-encrytion-uses-aws-helpers

Severity: Medium

Description: This control ensures that Environment variables are encrypted before storing. Lambda environment variables can contain sensitive information and should be encrypted using AWS Lambda helpers for encryption in transit.

Remediation Steps:

Perform following to enable environment variable in transit encryption for lambda :

  1. Login to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to AWS Lambda console.

  3. In the navigation pane,  select Functions.

  4. Select the function to be modified.

  5. Navigate to Environment Variables.

  6. Expand the Encryption Configuration.

  7. Click on the checkbox for Enable helpers for encryption in transit.

  8. Choose a KMS key for encryption.

  9. Encrypt Button will appear next to each environment variable.

  10. Click on Encrypt to encrypt each environment variable.

  11. Click Save changes to apply.

Important:

Reference:

Related content

AWS-Lambda-Variables-Contain-Secrets
AWS-Lambda-Variables-Contain-Secrets
More like this
AWS-SSM-SSM-Encrypted-Parameters
AWS-SSM-SSM-Encrypted-Parameters
More like this
AWS-DynamoDB-DynamoDB-KMS-Encryption
AWS-DynamoDB-DynamoDB-KMS-Encryption
More like this
AWS-S3-S3-Bucket-Encryption-Enforcement
AWS-S3-S3-Bucket-Encryption-Enforcement
More like this
AWS-SNS-SNS-Topic-CMK-Encryption
AWS-SNS-SNS-Topic-CMK-Encryption
More like this
AWS-EC2-EBS-Encryption-Enabled-By-Default
AWS-EC2-EBS-Encryption-Enabled-By-Default
More like this

Blue Hexagon Proprietary