Policy: AWS > Lambda > Function > Layer Trusted Access

Manage trusted access for AWS Lambda function layers.

AWS allows Lambda function layers to be shared with specific AWS accounts. This policy allows you to configure whether such sharing is allowed, and to which accounts.

If set to Enforce, access to non-trusted accounts will be removed from the function layer.

Targets

This policy targets the following resource types:

AWS > Lambda > Function

Accounts

Controls

Setting this policy configures this control:

AWS > Lambda > Function > Layer Trusted Access

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Trusted Access > Accounts` `Enforce: Trusted Access > Accounts`
Examples [YAML]	`Check: Trusted Access > Accounts`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/securityTrustedAccess

Policy Type URI

tmod:@turbot/aws-lambda#/policy/types/functionLayerTrustedAccess

GraphQL

query policyType(id: "tmod:@turbot/aws-lambda#/policy/types/functionLayerTrustedAccess") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-lambda#/policy/types/functionLayerTrustedAccess'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-lambda#/policy/types/functionLayerTrustedAccess'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-lambda#/policy/types/functionLayerTrustedAccess"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-lambda#/policy/types/functionLayerTrustedAccess"