3
Resources
23
Total Findings
42
Rules Executed
15
Unique Rules
0
Exception
9.133s
Timespent
Summary
Filter
UseArmArchitecture
Performance Efficiency- Description
- 3 of your Lambda function(s) are not using arm64 architecture. Lambda functions that use arm64 architecture (AWS Graviton2 processor) can achieve significantly better price and performance than the equivalent function running on x86_64 architecture. Consider using arm64 for compute-intensive applications such as high-performance computing, video encoding, and simulation workloads.
- Resources
- ap-southeast-1: Lambda::aws-controltower-NotificationForwarder | Lambda::SecretsManagerrds-rotation-lambda
- us-east-1: Lambda::aws-controltower-NotificationForwarder
- Label
- Testing Required
- Recommendation
- Advantages of using arm64
lambdaCodeSigningDisabled
Security- Description
- Code Signing: Code Signing has not been enabled for 3 of your Lambda. Enable Code Signing to ensure only trusted code run in your Lambda functions
- Resources
- ap-southeast-1: Lambda::aws-controltower-NotificationForwarder | Lambda::SecretsManagerrds-rotation-lambda
- us-east-1: Lambda::aws-controltower-NotificationForwarder
- Label
- Testing Required
- Recommendation
- Configuring code signing for AWS Lambda
lambdaDeadLetterQueueDisabled
Operation Excellence- Description
- Dead Letter Queue: Dead Letter Queue (DLQ) has not been enabled for 3 of your Lambda. Enable DLQ to send unprocessed events to SQS or SNS topic.
- Resources
- ap-southeast-1: Lambda::aws-controltower-NotificationForwarder | Lambda::SecretsManagerrds-rotation-lambda
- us-east-1: Lambda::aws-controltower-NotificationForwarder
- Label
- Testing Required Cost Incurred
- Recommendation
- Dead Letter Queue Configuration
lambdaEnhancedMonitoringDisabled
Operation Excellence- Description
- Enhanced Monitoring: Enhanced Monitoring is disabled for 3 of your Lambda functions. Enabled enhanced monitoring to better monitor, troubleshoot and optimize functions.
- Resources
- ap-southeast-1: Lambda::aws-controltower-NotificationForwarder | Lambda::SecretsManagerrds-rotation-lambda
- us-east-1: Lambda::aws-controltower-NotificationForwarder
- Label
- Cost Incurred
- Recommendation
- Using Lambda Insights in Amazon CloudWatch
lambdaCMKEncryptionDisabled
Security- Description
- Customer Managed Key: CMK is not enabled for 3 of your Lambda funciton. Enable CMK to enjoy a more granular control over the data encryption and decryption process.
- Resources
- ap-southeast-1: Lambda::aws-controltower-NotificationForwarder | Lambda::SecretsManagerrds-rotation-lambda
- us-east-1: Lambda::aws-controltower-NotificationForwarder
- Recommendation
- Lambda securing environment variables
lambdaReservedConcurrencyDisabled
Performance Efficiency- Description
- Provisioned Concurrency: Provisioned Concurrency is disabled for 3 of your Lambda function. Enable provision concurrency to improve Lambda scaling performance.
- Resources
- ap-southeast-1: Lambda::aws-controltower-NotificationForwarder | Lambda::SecretsManagerrds-rotation-lambda
- us-east-1: Lambda::aws-controltower-NotificationForwarder
- Label
- Testing Required Cost Incurred
- Recommendation
- Configuring provisioned concurrency
lambdaTracingDisabled
Operation Excellence- Description
- Tracing: Tracing feature is diabled for 3 of your Lambda function. Enable tracing for better visibility of execution and performance of functions.
- Resources
- ap-southeast-1: Lambda::aws-controltower-NotificationForwarder | Lambda::SecretsManagerrds-rotation-lambda
- us-east-1: Lambda::aws-controltower-NotificationForwarder
- Label
- Cost Incurred
- Recommendation
- Using AWS Lambda with AWS X-Ray
lambdaNotInUsed30Days
Operation Excellence- Description
- Function not in used: 2 of your Lambda is not invoked in past 30 days. Remove unused function to maintain up-to-date environment and control costs
- Resources
- ap-southeast-1: Lambda::SecretsManagerrds-rotation-lambda
- us-east-1: Lambda::aws-controltower-NotificationForwarder
- Recommendation
- API to delete Lambda
Detail
ap-southeast-1
1. aws-controltower-NotificationForwarder
| Check | Current Value | Recommendation |
|---|---|---|
| UseArmArchitecture | x86_64 | Use Arm64 Architecture |
| lambdaCodeSigningDisabled | Disabled | Code Signing Disabled |
| lambdaDeadLetterQueueDisabled | Disabled | Dead Letter Queue Disabled |
| lambdaEnhancedMonitoringDisabled | Disabled | Enhanced Monitoring Disabled |
| lambdaCMKEncryptionDisabled | Disabled | Customer Managed Key Not In Used |
| lambdaReservedConcurrencyDisabled | Disabled | Provisioned Concurrency Disabled |
| lambdaTracingDisabled | Disabled | Tracing Disabled |
2. SecretsManagerrds-rotation-lambda
| Check | Current Value | Recommendation |
|---|---|---|
| UseArmArchitecture | x86_64 | Use Arm64 Architecture |
| lambdaCodeSigningDisabled | Disabled | Code Signing Disabled |
| lambdaDeadLetterQueueDisabled | Disabled | Dead Letter Queue Disabled |
| lambdaEnhancedMonitoringDisabled | Disabled | Enhanced Monitoring Disabled |
| lambdaCMKEncryptionDisabled | Disabled | Customer Managed Key Not In Used |
| lambdaNotInUsed30Days | Function not in used for 30 days | |
| lambdaReservedConcurrencyDisabled | Disabled | Provisioned Concurrency Disabled |
| lambdaTracingDisabled | Disabled | Tracing Disabled |
us-east-1
3. aws-controltower-NotificationForwarder
| Check | Current Value | Recommendation |
|---|---|---|
| UseArmArchitecture | x86_64 | Use Arm64 Architecture |
| lambdaCodeSigningDisabled | Disabled | Code Signing Disabled |
| lambdaDeadLetterQueueDisabled | Disabled | Dead Letter Queue Disabled |
| lambdaEnhancedMonitoringDisabled | Disabled | Enhanced Monitoring Disabled |
| lambdaCMKEncryptionDisabled | Disabled | Customer Managed Key Not In Used |
| lambdaNotInUsed30Days | Function not in used for 30 days | |
| lambdaReservedConcurrencyDisabled | Disabled | Provisioned Concurrency Disabled |
| lambdaTracingDisabled | Disabled | Tracing Disabled |