Control: Ensure encryption in transit is enabled for Lambda environment variables
Description
As you can set your own environmental variables for Lambda it is important to also encrypt them for in transit protection.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.lambda_function_encryption_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_compliance.control.lambda_function_encryption_enabled --shareSQL
This control uses a named query:
select arn as resource, case when kms_key_arn is null then 'alarm' else 'ok' end as status, case when kms_key_arn is null then title || ' encryption is disabled.' else title || ' encryption is enabled.' end as reason , region, account_idfrom aws_lambda_function;