Securing AWS Lambda Function URLs
Serverless adoption is rising rapidly. Recently, AWS released a new feature called Lambda function URLs. This feature enables configuring HTTP endpoints, to directly invoke lambda functions, without going through AWS API Gateway and other infrastructure. This means that other AWS services do not have to be provisioned in order to expose lambda functions as the application programming interface (API) endpoint. Developers are able to write code more quickly, providing value faster by using this newly introduced feature. However, be advised that using function URLs without passing through the API Gateway exposes your lambda function to new risks. An overview of the risks associated with using function URLs and how they should be addressed will be presented in this whitepaper.