[Snyk] Fix for 1 vulnerabilities #2
Template Scanner Checks
Template Scanner scans your infrastructure code to detect vulnerabilities and/or misconfigurations in your templates. This can help you apply security best practices in the code while you are provisioning cloud infrastructure. A total of 2 resource(s) were scanned from your templates; the generated checks are summarized below.
Details
❗ Lambda Using Latest Runtime Environment (Lambda-001)
Message: Function senttosecurityhublambdafunction532bc798-zwxyw0zlljva isn't using the latest version of runtime environment
Description: Ensure that you always use the latest version of the execution environment configured for your Amazon Lambda functions in order to adhere to AWS cloud best practices, receive the newest software features, get the latest security patches and bug fixes, and benefit from better performance and reliability. A Lambda runtime (execution) environment is a container built from the configuration settings that you provide when you create your Lambda function. The Amazon Lambda serverless architecture supports several runtime environments, such as Node.js, Edge Node.js, Java, Python and .NET Core (C#), that you can use to run your functions.
✅ Lambda Cross Account Access (Lambda-002)
Message: Function senttosecurityhublambdafunction532bc798-zwxyw0zlljva doesn't allow unknown cross account access
Description: Ensure that all your Amazon Lambda functions are configured to allow access only to trusted AWS accounts in order to protect against unauthorized cross-account access. Before the Trend Micro Cloud One™ – Conformity engine runs this rule, the list of trusted AWS account identifiers must be configured in the rule settings on your Conformity account console. Conformity tracks Amazon Lambda permission policies (also known as resource-based policies) and alerts if a function can be invoked from a foreign AWS account (unless that account has been explicitly specified in the rule settings as a trusted account).
❗ Tracing Enabled (Lambda-003)
Message: Tracing mode isn't enabled for Lambda Function senttosecurityhublambdafunction532bc798-zwxyw0zlljva
Description: Ensure that active tracing is enabled for your Amazon Lambda functions in order to gain visibility into the execution and performance of the functions. With the tracing feature enabled, Amazon activates Lambda support for AWS X-Ray, a service that collects data about the requests that your functions perform and provides tools that you can use to view, filter, and gain insights into the collected data in order to identify issues and opportunities for optimization.
✅ Function Exposed (Lambda-004)
Message: Lambda Function senttosecurityhublambdafunction532bc798-zwxyw0zlljva isn't exposed to everyone
Description: Identify any publicly accessible Amazon Lambda functions and update their access policy in order to protect against unauthorized users sending requests to invoke these functions.
❗ VPC Access for AWS Lambda Functions (Lambda-007)
Message: Lambda Function senttosecurityhublambdafunction532bc798-zwxyw0zlljva doesn't have VPC Access
Description: Ensure that your Amazon Lambda functions have access to VPC-based resources such as Amazon Redshift data warehouses, Amazon ElastiCache clusters, RDS database instances, and service endpoints that are only accessible from within a particular Virtual Private Cloud (VPC).
✅ Check Lambda Function URL Not in Use (Lambda-011)
Message: Lambda Function senttosecurityhublambdafunction532bc798-zwxyw0zlljva has no URL(s)
❗ Lambda Using Supported Runtime Environment (Lambda-012)
Message: Function senttosecurityhublambdafunction532bc798-zwxyw0zlljva isn't using the supported version of runtime environment
❗ Tags (RG-001)
Message: lambda-function senttosecurityhublambdafunction532bc798-zwxyw0zlljva has [Environment, Role, Owner, Name] tags missing
Description: Ensure that user-defined tags (metadata) are being used for labeling, collecting, and organizing resources available within your AWS cloud environment. Trend Micro Cloud One™ – Conformity recommends the following tagging schema to help you identify and manage your cloud resources.
✅ IAM Role Policy Too Permissive (IAM-049)
Message: IAM Role [senttosecurityhublambdafunctionservicerole58d0f596-mec5hbbh7jod] isn't too permissive
Description: Ensure that the policies attached to your Amazon IAM roles are not too permissive. To adhere to IAM security best practices, the policies configured for your IAM roles should implement the Principle of Least Privilege (also known as the principle of least authority, i.e. the security concept of granting every identity, process, or system only the minimal set of permissions required to perform its tasks).
✅ Check for Untrusted Cross-Account IAM Roles (IAM-057)
Message: IAM role senttosecurityhublambdafunctionservicerole58d0f596-mec5hbbh7jod doesn't allow unknown cross account access
Description: Ensure that your Amazon IAM roles are configured to be used only by trusted AWS accounts in order to protect against unauthorized cross-account access. Before the Conformity engine runs this rule, the list of trusted AWS account identifiers must be configured in the rule settings on your Trend Micro Cloud One™ – Conformity account console.
❗ Tags (RG-001)
Message: iam-role senttosecurityhublambdafunctionservicerole58d0f596-mec5hbbh7jod has [Environment, Role, Owner, Name] tags missing
Description: Ensure that user-defined tags (metadata) are being used for labeling, collecting, and organizing resources available within your AWS cloud environment. Trend Micro Cloud One™ – Conformity recommends the following tagging schema to help you identify and manage your cloud resources.