Service Control Policies: Prevent Users from Creating Open Lambda URLs

My Saved Presets

This SCP prevents users from creating open Lambda HTTP URLs that do not required authentication and enforces AWS_IAM authentication on all Lambda URLs

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "lambda:CreateFunctionUrlConfig",
                "lambda:UpdateFunctionUrlConfig"
            ],
            "Resource": "arn:aws:lambda:*:*:function/*",
            "Effect": "Deny",
            "Condition": {
                "StringNotEquals": {
                    "lambda:FunctionUrlAuthType": "AWS_IAM"
                }
            }
        }
    ]
}

* Required field

Loading Library ...

Prevent Users from Creating Open Lambda URLs

Actions

Customize Template

Policy Parameters