The Shared Responsibility Model
Security and Compliance is a shared responsibility
For AWS Lambda, AWS manages the underlying infrastructure and foundation services, the operating system, and the application platform. You are responsible for the security of your code and identity and access management (IAM) to the Lambda service and within your function.
Figure 1 shows the shared responsibility model as it applies to the common and distinct components of AWS Lambda. AWS responsibilities appear below the dotted line in orange, and customer responsibilities appear above the dotted line in blue.

Figure 1 – Shared responsibility model for AWS Lambda