IAM entities with access to update Lambda functions
Rating | ⚠ - Medium |
---|---|
Description
Any entity that is capable of updating a Lambda function is capable of potentially executing code running as the Lambda function.
Vulnerability
Privilege escalation issues could occur if an unauthorised user is able to update a Lambda function.
Remediation
Update the user or role permissions, by adjusting group memberships, or by adjusting the policies attached to the users, groups or roles.