Digging into Lambda
Now that we have had a brief introduction to what Lambda is and how to set up our own Lambda service, it's time we started looking at some of the security issues with Lambda. You may see some of them during an actual pentesting engagement. When it comes to AWS, one of the most significant issues I have seen as a pentester is policy issues associated with Lambda. Policies are what restrict and allow access to resources, similar to what we looked at in Chapter 4, Exploiting S3 Buckets. We are going to be doing something using the same methodology within this section, but we will be looking at misconfigurations with Lambda.
Important note
You'll begin to notice that, while the target differs in each chapter in this book, the methodology stays more or less the same, because we use the same steps to extract results from our targets.
Let's begin to move forward with more concepts and start building some stuff in Lambda. Let's start by making...
