Improper filtering of Amazon Machine Images (AMIs) can result in loading an untrusted image, a potential security vulnerability.
To always return the subscription ARN, set the
ReturnSubscriptionArn argument to
Missing pagination on a paginated call can lead to inaccurate results.
Recreating AWS clients in each Lambda function invocation is expensive.
Logging unencrypted AWS credentials can expose them to an attacker.
Encryption that is dependent on conditional logic, such as an
if...then clause, might cause unencrypted sensitive data to be stored.
Synchronous publication of AWS Lambda metrics is inefficient.
Not checking which items have failed can lead to loss of data.
Custom polling can be inefficient and prone to error. Consider using AWS waiters instead.
Failing to set the
AuthenticateOnUnsubscribe flag to
True when confirming an SNS subscription can lead to unauthenticated cancellations.
Response metadata was not checked to verify that it is not
Incorrect binding of SNS publish operations with the
create_topic operations might lead to latency issues.
Client-side decryption followed by reencryption is inefficient and can lead to sensitive data leaks.
Overriding environment variables that are reserved by AWS Lambda might lead to unexpected behavior.
Not setting the S3 bucket owner condition might introduce a risk of accidentally using a wrong bucket.