AWS Config Rule: Lambda VPC In Multi AZ


Ryan Ware

Last Update 4 days ago

Description: Checks if Lambda has more than 1 availability zone associated. The rule is NON_COMPLIANT if only 1 availability zone is associated with the Lambda or the number of availability zones associated is less than number specified in the optional parameter.

Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), China (Ningxia), Europe (Zurich) Region

How to Resolve Manually

A Lambda Function has the option to be situated within a VPC. If this option is chosen, it is possible to configure the Lambda Function to use one or more Subnets within that VPC.

This AWS Config Rule checks that the Subnets chosen at this stage make use of 1 or more availability zone. If the configuration only uses one Subnet, or 2 subnets in the same availability zones, this Lambda Function will be marked as NON_COMPLIANT.

In order to resolve this manually, head on over to your Lambda Dashboard within the AWS Console. From here, select your desired Lambda Function. From the tabs shown on the Function's page, choose Configuration. Once here, from the newly populated list on the left, choose VPC.

In the example picture below, a VPC is chosen, and two subnets which are in different availability zones. This will ensure this Lambda Function will flag as COMPLIANT in regards to this AWS Config Rule.

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us