-
Notifications
You must be signed in to change notification settings - Fork 37
Security Considerations
John Cherian edited this page Mar 27, 2023
·
1 revision
- The Docker image should be updated based on the base image updates for vulnerabilities. The docker image should be build and uploaded to AWS ECR to on regular basis to keep up with the security updates.
- In case of version changes to any frameworks in the dockerfile, the customer should test it locally and scan for vulnerability before taking it production.
- Deploy the AWS Lambda into a VPC for private traffic and use amazon least privileges model to create the role for AWS Lambda.
- The Amazon S3 folder access should also follow the least privilege access.