DUNLOP.GEEK.NZ

PureSec FunctionShield

1 min read
5 years ago Paul Dunlop

Not an AWS created blog or tool this time. Rather one from PureSec!

If you are writing serverless applications using LAMBDA as a back end for your APIs this is a good addition to the tool kit to ensure the lambda function is viewed in a more granular fashion to appease the security people.

https://www.puresec.io/function-shield

From the site it can:

  • Disable outbound internet connectivity (except for AWS/Google Cloud resources) from the serverless runtime environment, if such connections are not required transfer    
  • Disable read/write on the /tmp/ directory, if such operations are not required execution (1)    
  • Disable child process execution, if such execution is not required by the function scode    
  • Disable read access to the function’s handler and  prevent source code leakage

More Stories

4 min read

Query your Entire AWS Org using Steampipe

5 months ago Paul Dunlop
4 min read

Using IAM Role Anywhere Credentials for Seamless Access Beyond AWS

7 months ago Paul Dunlop
7 min read

AWS App Runner + PHP

7 months ago Paul Dunlop

You may have missed

4 min read

Query your Entire AWS Org using Steampipe

5 months ago Paul Dunlop
4 min read

Using IAM Role Anywhere Credentials for Seamless Access Beyond AWS

7 months ago Paul Dunlop
7 min read

AWS App Runner + PHP

7 months ago Paul Dunlop
3 min read

Enable AWS Control Tower for Existing Organizations

3 years ago Paul Dunlop