1 Risposta
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
If you are deploying a Lambda function to an account (yours or the customers) where your customer has permissions to access Lambda then they can view, update or execute the Lambda function in line with the permissions they have in that account. Accessing the source code is included in "view".
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
There is no view in lambda if it's an image right? how can they view/ update the code there then?
To answer that question I'd need to know specifically what permissions the customer has and what you mean by "it's an image". Could you explain further in detail?
Thank you for your input on the matter. To give you more information, the Customers have full access to their account (client account) where lambda is set up. But the lambda uses a docker image (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html ) from another account (server account) where cross-account policies allowing actions: "ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer".
If the image is download into a customer account then they have access to it.