AWS Config Rule: Lambda VPC In Multi AZ
LAMBDA_VPC_MULTI_AZ_CHECK
Ryan Ware
Last Update 6 months ago
Description: Checks if Lambda has more than 1 availability zone associated. The rule is NON_COMPLIANT if only 1 availability zone is associated with the Lambda or the number of availability zones associated is less than the number specified in the optional parameter.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except the Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), China (Ningxia) and Europe (Zurich) Regions
How to Resolve Manually
A Lambda Function has the option to be situated within a VPC. If this option is chosen, it is possible to configure the Lambda Function to use one or more Subnets within that VPC.
This AWS Config Rule checks that the Subnets chosen at this stage span more than one availability zone. If the configuration uses only one Subnet, or 2 Subnets in the same availability zone, the Lambda Function will be marked as NON_COMPLIANT.
In order to resolve this manually, head on over to your Lambda Dashboard within the AWS Console. From here, select your desired Lambda Function. From the tabs shown on the Function's page, choose Configuration. Once here, from the newly populated list on the left, choose VPC.
In the example picture below, a VPC is chosen, along with two subnets that are in different availability zones. This ensures the Lambda Function will be flagged as COMPLIANT with regard to this AWS Config Rule.
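The evaluation described above can be reproduced offline to audit functions before the rule flags them. This is an added example, not code from this page, StackZone or AWS: input shapes follow the Lambda `GetFunctionConfiguration` and EC2 `DescribeSubnets` responses, `min_azs` is a hypothetical name for the rule's optional parameter, all subnet IDs are constructed, and treating a function without a VPC as NOT_APPLICABLE is an assumption.

```python
def evaluate_lambda_multi_az(function_config, subnets, min_azs=2):
    """Return (compliance, sorted AZ list) for one Lambda function.

    min_azs is a hypothetical name for the rule's optional parameter.
    """
    subnet_ids = (function_config.get("VpcConfig") or {}).get("SubnetIds") or []
    if not subnet_ids:
        # Assumption: a function not attached to a VPC is out of scope.
        return "NOT_APPLICABLE", []
    az_by_subnet = {s["SubnetId"]: s["AvailabilityZone"] for s in subnets}
    unknown = [s for s in subnet_ids if s not in az_by_subnet]
    if unknown:
        raise KeyError(f"no AZ data for subnets: {unknown}")
    # Count distinct AZs, not subnets: two subnets in one AZ is still one AZ.
    azs = sorted({az_by_subnet[s] for s in subnet_ids})
    # A single AZ is always NON_COMPLIANT, so the threshold never drops below 2.
    required = max(2, min_azs)
    return ("COMPLIANT" if len(azs) >= required else "NON_COMPLIANT"), azs


def evaluate_live(function_name, min_azs=2):
    """Same check against a real account (needs boto3 and AWS credentials)."""
    import boto3  # imported lazily so the offline samples run without it
    cfg = boto3.client("lambda").get_function_configuration(FunctionName=function_name)
    ids = (cfg.get("VpcConfig") or {}).get("SubnetIds") or []
    subnets = boto3.client("ec2").describe_subnets(SubnetIds=ids)["Subnets"] if ids else []
    return evaluate_lambda_multi_az(cfg, subnets, min_azs)


# Constructed sample data (not taken from any real account).
SAMPLE_SUBNETS = [
    {"SubnetId": "subnet-aaa111", "AvailabilityZone": "eu-west-1a"},
    {"SubnetId": "subnet-bbb222", "AvailabilityZone": "eu-west-1a"},
    {"SubnetId": "subnet-ccc333", "AvailabilityZone": "eu-west-1b"},
]
SAMPLE_FUNCTIONS = {
    "one-subnet": {"VpcConfig": {"SubnetIds": ["subnet-aaa111"]}},
    "two-subnets-same-az": {"VpcConfig": {"SubnetIds": ["subnet-aaa111", "subnet-bbb222"]}},
    "two-subnets-two-azs": {"VpcConfig": {"SubnetIds": ["subnet-aaa111", "subnet-ccc333"]}},
    "no-vpc": {"VpcConfig": {"SubnetIds": [], "VpcId": ""}},
}

if __name__ == "__main__":
    for name, cfg in SAMPLE_FUNCTIONS.items():
        print(name, *evaluate_lambda_multi_az(cfg, SAMPLE_SUBNETS))
```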