Detections
Analytics

Ensure AWS Lambda functions are configured to use provisioned concurrency

LOW

Description

By allocating provisioned concurrency, additional resources are made available so requests can be processed with low latency. Lambda functions configured with provisioned concurrency are ideal for production. However, there is an additional cost involved.

Remediation

In AWS Console -

  1. Sign in to AWS Console and go to the Functions page on the Lambda console.
  2. Choose a function to update.
  3. Select Configuration and then select Concurrency.
  4. Under Provisioned concurrency configurations, select Add configuration.
  5. Select an alias or version.
  6. Enter the amount of provisioned concurrency to allocate.
  7. Select Save.

In Terraform -

  1. Create an aws_lambda_provisioned_concurrency_config resource.
  2. Set the provisioned_concurrent_executions and qualifier fields accordingly.
  3. Set the function_name field to the correct Lambda function name.

References
https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_provisioned_concurrency_config

Policy Details

Rule Reference ID: AC_AWS_0615
CSP: AWS
Remediation Available: Yes
Domain: Resilience
Resource: aws_lambda_function
Resource Category: Serverless
Resource Type: Lambda

Frameworks