Ensure tracing is enabled for AWS Lambda Functions

LOW

Description

If tracing is not enabled for a Lambda function, integrity and incident response can be impacted.

Remediation

In AWS Console -

  1. Sign in to AWS Console and go to the Functions page on the Lambda console.
  2. Select a function.
  3. Select Configuration and then choose Monitoring tools.
  4. Select Edit.
  5. Under X-Ray, enable Active tracing.
  6. Click Save.

In Terraform -

  1. In the aws_lambda_function resource, set the tracing_config.mode field to Active.
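
A pre-deployment check for the Terraform setting above, added here as an example (it is not part of the original page or the scanner's own rule code). It reads plan JSON in the shape produced by `terraform show -json` and reports every aws_lambda_function whose planned tracing_config mode is not Active. The plan data is a constructed sample, and the function and resource names are illustrative assumptions.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the fields the check reads. All addresses are made up.
SAMPLE_PLAN = json.loads("""
{
  "planned_values": {
    "root_module": {
      "resources": [
        {"address": "aws_lambda_function.traced", "type": "aws_lambda_function",
         "values": {"function_name": "traced", "tracing_config": [{"mode": "Active"}]}},
        {"address": "aws_lambda_function.passthrough", "type": "aws_lambda_function",
         "values": {"function_name": "passthrough", "tracing_config": [{"mode": "PassThrough"}]}},
        {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "values": {}}
      ],
      "child_modules": [
        {"address": "module.api",
         "resources": [
           {"address": "module.api.aws_lambda_function.handler", "type": "aws_lambda_function",
            "values": {"function_name": "handler"}}
         ]}
      ]
    }
  }
}
""")

def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def tracing_mode(resource):
    """Return the planned tracing mode, or None when no tracing_config block is set."""
    blocks = resource.get("values", {}).get("tracing_config") or []
    return blocks[0].get("mode") if blocks else None

def untraced_lambdas(plan):
    """Return (address, mode) for each aws_lambda_function whose mode is not Active."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return [(r["address"], tracing_mode(r))
            for r in iter_resources(root)
            if r.get("type") == "aws_lambda_function" and tracing_mode(r) != "Active"]

if __name__ == "__main__":
    for address, mode in untraced_lambdas(SAMPLE_PLAN):
        print(f"{address}: tracing mode is {mode!r}, expected 'Active'")
```

A function with no tracing_config block is reported with mode None, so functions inside modules that never set the block are caught along with explicit PassThrough settings.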

References:
https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#tracing_config

Policy Details

Rule Reference ID: AC_AWS_0163
CSP: AWS
Remediation Available: Yes
Resource Category: Serverless
Resource Type: Lambda

Frameworks