Ensure that AWS Lambda function is configured for function-level concurrent execution limit

You can now set a concurrency limit on individual AWS Lambda functions. The concurrency limit you set will reserve a portion of your account level concurrency limit for a given function.

Risk Level: Low
Cloud Entity: AWS Lambda
CloudGuard Rule ID: D9.CFT.OPE.13
Covered by Spectral: Yes
Category: Compute

GSL LOGIC

AWS_Lambda_Function should have ReservedConcurrentExecutions

REMEDIATION

From CFT
Set AWS::Lambda::Function ReservedConcurrentExecutions property to a value as per the requirement

References

  1. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-reservedconcurrentexecutions
  2. https://aws.amazon.com/blogs/compute/managing-aws-lambda-function-concurrency/

AWS Lambda

AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume - there is no charge when your code is not running.

With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app.

Compliance Frameworks

  • AWS CloudFormation ruleset