Lambda and Compliance - Security Overview of AWS Lambda

Lambda and Compliance

As mentioned in the "Shared Responsibility Model" section, you are responsible for determining which compliance regime applies to your data. After you have determined your compliance regime needs, you can use the various Lambda features to match those controls. You can contact AWS experts (such as Solution Architects, domain experts, technical account managers and other human resources) for assistance. However, AWS cannot advise customers on whether (or which) compliance regimes are applicable to a particular use case.

As of November 2020, Lambda is in scope for SOC 1, SOC 2, and SOC 3 reports, which are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives. For an up-to-date list of compliance information, see the AWS Services in Scope by Compliance Program page.

Because of the sensitive nature of some compliance reports, they cannot be shared publicly. For access to these reports, you can sign in to the AWS Management Console and use AWS Artifact, a no-cost, self-service portal, for on-demand access to AWS compliance reports.