Posted On: Dec 3, 2021
AWS Lambda now logs the Hyperplane Elastic Network Interface (ENI) ID in AWS CloudTrail data events, for functions running in an Amazon Virtual Private Cloud (VPC). Customers can use the ENI ID in AWS CloudTrail data events to audit the security of their applications, and verify that only authorized functions are accessing their VPC resources through a shared Hyperplane ENI.
Today, Lambda functions configured with a VPC access resources in the VPC using Hyperplane ENI. Multiple Lambda functions using the same subnet and security group combination can reuse a Hyperplane ENI. With this feature, customers can now map which Lambda function invoked a Hyperplane ENI using CloudTrail data events. This is especially useful for customers in the financial services and healthcare sector who have stringent audit and regulatory compliance requirements.
AWS Lambda support for logging Hyperplane ENI ID in AWS CloudTrail data events is generally available in US East (N. Virginia), US West (N. California), US East (Ohio), US West (Oregon), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), Europe (Milano), Asia Pacific (Singapore), Asia Pacific (Tokyo), Asia Pacific (Sydney), Asia Pacific (Seoul), Asia Pacific (Osaka), Asia Pacific (Mumbai), Asia Pacific (Hong Kong), Canada (Central), Middle East (Bahrain), South America (Sao Paulo), and Africa (Cape Town). For more information on availability, please see the AWS Region table.
To understand how Lambda functions access resources in VPC using a Hyperplane ENI, refer to this blog on VPC networking for Lambda functions. For details on how to use AWS Lambda with CloudTrail, refer to Lambda developer guide. For information on CloudTrail data events, see CloudTrail data events documentation.