What if you have a lambda with a full admin role that is not sanitizing its inpu... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		poxrud on July 28, 2019 \| parent \| context \| favorite \| on: How I use the good parts of AWS What if you have a lambda with a full admin role that is not sanitizing its inputs? Or maybe it's using an outdated file parsing library (csv/yaml) with a vulnerability. Now your entire AWS account could potentially be compromised.

DVassallo on July 28, 2019 [–]

Yes, I would use a restricted role for Lambda too. Anything that gets creds in user space gets restricted permissions: EC2, Lambda, ECS, etc.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact