Securing AWS Lambda function URLs
Recently, AWS released a new feature called AWS Lambda function URLs. This feature enables configuring HTTP endpoints to directly invoke lambda functions without going through AWS API Gateway and other infrastructure. Generating a function URL for your lambda function means it’s directly accessible and the URL for that function never changes.
Some of the benefits of using AWS Lambda function URLs include:
- Faster development time. In a true serverless style, even less infrastructure has to be built and maintained in order to expose your lambda.
- Faster response time. Function URLs have less overhead for your lambda, so the response time is shorter.
- It’s significantly cheaper. The current pricing is only for the lambda, without the additional costs of API Gateway.
The good news is that adopting this new AWS feature doesn’t mean you have to trade-off security. Contrast Serverless Application Security (AppSec) supports function URLs. Contrast Serverless identifies function URLs and all their configurations and treats them as triggers. Contrast Serverless can then include function URLs when providing contextual risk scores.
Read this white paper to learn more about AWS Lambda function URLs and Contrast Serverless AppSec.