AWS Lambda publicizes give a boost to for lambda:SourceFunctionArn. A brand spanking new IAM state of affairs key that can be used for IAM protection necessities that explain the ARN of the function from which a request is made. Starting at the present time, when a function is invoked, Lambda will automatically add the new lambda:SourceFunctionArn state of affairs key to the request context of all AWS API calls made by the use of function code. You are able to use the Scenario section in your IAM protection to check the lambda:SourceFunctionArn state of affairs key inside the request context with values that you just specify in your protection.
This capability means that you can implement complicated protection controls for the AWS API calls taken by the use of your Lambda function code. For example, you can write conditional insurance coverage insurance policies using the new lambda:SourceFunctionArn at the side of provide state of affairs keys similar to aws:SourceIP or aws:SourceVPC to grant permissions to AWS API calls only if those originate from inside the purchaser’s VPC.
This selection is available in all public AWS Spaces, Amazon Web Products and services and merchandise China (Beijing) Space, operated by the use of Sinnet and Amazon Web Products and services and merchandise China (Ningxia) Space, operated by the use of NWCD. To learn additional about this feature, please visit the Lambda Developer Knowledge.
