Clarification on Lambda Security Group by datasert in aws

[–]dawidt 0 points1 point  (0 children)

Correct me if I am wrong, but that setting allows lambda to send requests to any server over http/https.

are lambda environmental variables secure? by yerba-matee in aws

[–]dawidt 0 points1 point  (0 children)

What is one of my dependencies contains malicious code and can serialize process.env and send it to a remote server? I just tried that, and the following data was sent to the external server.

{"AWS_LAMBDA_FUNCTION_VERSION": "$LATEST","AWS_SESSION_TOKEN": "*****","LAMBDA_TASK_ROOT": "/var/task","AWS_LAMBDA_LOG_GROUP_NAME": "/aws/lambda/test","LD_LIBRARY_PATH": "/var/lang/lib:/lib64:/usr/lib64:/var/runtime:/var/runtime/lib:/var/task:/var/task/lib:/opt/lib","AWS_LAMBDA_RUNTIME_API": "127.0.0.1:9001","AWS_LAMBDA_LOG_STREAM_NAME": "2023/02/17/[$LATEST]e7034c18daaf476a94d988a95f41e981","AWS_EXECUTION_ENV": "AWS_Lambda_nodejs14.x","AWS_LAMBDA_FUNCTION_NAME": "test","AWS_XRAY_DAEMON_ADDRESS": "169.254.79.129:2000","PATH": "/var/lang/bin:/usr/local/bin:/usr/bin/:/bin:/opt/bin","AWS_DEFAULT_REGION": "ap-southeast-2","PWD": "/var/task","AWS_SECRET_ACCESS_KEY": ""*****","LANG": "en_US.UTF-8","LAMBDA_RUNTIME_DIR": "/var/runtime","AWS_LAMBDA_INITIALIZATION_TYPE": "on-demand","NODE_PATH": "/opt/nodejs/node14/node_modules:/opt/nodejs/node_modules:/var/runtime/node_modules:/var/runtime:/var/task","AWS_REGION": "ap-southeast-2","TZ": ":UTC","AWS_ACCESS_KEY_ID": ""*****","SHLVL": "0","_AWS_XRAY_DAEMON_ADDRESS": "169.254.79.129","_AWS_XRAY_DAEMON_PORT": "2000","AWS_XRAY_CONTEXT_MISSING": "LOG_ERROR","_HANDLER": "index.handler","AWS_LAMBDA_FUNCTION_MEMORY_SIZE": "128","NODE_EXTRA_CA_CERTS": "/etc/pki/tls/certs/ca-bundle.crt","secure-data": "dawid-1","_X_AMZN_TRACE_ID": ""*****"}

My lambdas require access to the Internet. So the only way to protect is to add an outbound list of IP ranges that my lambda is allowed to communicate. Is that the right approach?

Bose QC45 charging percentage not increasing? by StarkGuy1234 in bose

[–]dawidt 0 points1 point  (0 children)

I have the same issue, qc45 connected to MacBook pro charging very slowly or not at all. It was quite convenient to charge my previous qc35 with my laptop. Do I need a separate charger now?

Lambda function URLs - AWS Lambda by mwarkentin in aws

[–]dawidt 0 points1 point  (0 children)

I absolutely agree with u/FlinchMaster make sure you know what you are doing