Back to All Checks
Low Lambda Regional

Lambda functions should have AWS X-Ray active tracing enabled

NIST 800-53

Description

This control checks whether active tracing with AWS X-Ray is enabled for an AWS Lambda function. The control fails if active tracing with X-Ray is disabled for the Lambda function. AWS X-Ray can provide tracing and monitoring capabilities for AWS Lambda functions, which can save time and effort debugging and operating Lambda functions. It can help you diagnose errors and identify performance bottlenecks, slowdowns, and timeouts by breaking down latency for Lambda functions. It can also help with data privacy and compliance requirements. If you enable active tracing for a Lambda function, X-Ray provides a holistic view of data flow and processing within the Lambda function, which can help you identify potential security vulnerabilities or non-compliant data handling practices. This visibility can help you maintain data integrity, confidentiality, and compliance with relevant regulations.

Remediation

To remediate Lambda functions without X-Ray tracing, you need to enable active tracing with AWS X-Ray.

Steps

  1. Navigate to the AWS Lambda console
  2. Select the Lambda function
  3. Go to the 'Configuration' tab
  4. Click on 'Monitoring and operations tools'
  5. Select 'X-Ray' from the options
  6. Enable 'Active tracing'
  7. Save the configuration
  8. Verify X-Ray tracing is enabled
  9. Test the function to ensure tracing is working
  10. Set up monitoring and alerting for X-Ray traces

Compliance

NIST 800-53
Start Your Free Security Check